Opinion of 4 June 2010 on the notification of a prior check relating to the file "Procedures to be applied for the consultation and updating of the central exclusion database" (Case 2010-248)
The purpose of the processing operation is to establish within the Committee of the Regions a procedure that makes it possible to comply with obligations arising from Article 95 of the Financial Regulation. This notice is to be read in parallel with the prior check on the central exclusion database at the Commission (file 2009-0681) adopted at the end of May 2010.
The Accounting Officer of the Committee of the Regions has drawn up and distributed a memorandum for the attention of the financial operators of the Committee of the Regions. The main elements in this memorandum are the organisation of the consultation of the central exclusion database, the recording and updating of the central exclusion database and the provision of information in advance to the legal entities.
The EDPS concludes that there appear to be no violations of the provisions of Regulation No 45/2001, provided that certain recommendations are taken into account. The Committee of the Regions must ensure that the purposes referred to in the clause on specific information appear clearly, so that they are specified and explicit. The Committee of the Regions must also take all necessary measures to ensure that, in the event of a justified request or obvious error, the exclusion is no longer present on the central exclusion database. Finally, the Committee of the Regions must amend the note of the Committee of the Regions in order to stipulate that the transfers shall initially be made to the central exclusion database managed by the Commission and refer, within the context of international transfers, to the additional discussions that the EDPS is to hold on prior checks on the central exclusion database managed by the Commission.
Opinion of 26 May 2010 on a notification for prior checking regarding the processing operation on personal data concerning the "Registration of a Data Subject in the Central Exclusion Database" (Case 2009-0681)
In view of protecting the financial interests of the institutions, on the basis of the Financial Regulation, the European Commission processes data which are contained in a central exclusion database and which may only be used for the purposes of excluding from any procurement or grant procedures funded with EU Funds or EDF Funds, entities which represent a threat to the European financial interests.
The EDPS conducted his analysis in full cooperation with the Institution from an early stage of the procedure and concludes that there is no reason to believe that there is a breach of the provisions of Regulation 45/2001. However, the EDPS made some recommendations regarding the prior information of candidates, tenderers and grant applicants to be provided in the call for proposals and call for tenders. Moreover, he underlines the necessity to ensure that in case of manifest error in the inclusion of an entity in the database or if an entity has been cleared, the procedure will entail no legal consequences to it.
Opinion of 17 March 2014 on the notification for prior checking received from the Data Protection Officer of the European Court of Auditors concerning the ECA's Panel for Financial Irregularities (Case 2013-0846)
The Opinion regards the European Court of Auditors' Panel for Financial Irregularities ("PFI"), which is competent to examine any infringement by an official or other member of the ECA's staff of a provision of the Financial Regulation or of any rule relating to financial management or the audit of transactions. The EDPS noted with great regret that the processing operation had already been established, but highlighted that the recommendations made by the EDPS need to be adopted accordingly. These focus mainly on ensuring that data subjects concerned benefit from their rights by means of (i) a privacy statement containing all pieces of information required under Articles 11 and 12 of the Regulation and ensuring that every data subject receives the privacy statement when his/her personal data is first recorded or disclosed, (ii) a reference to the right of the person concerned to comment on the facts mentioned in the draft final report in the Rules of Procedure and (iii) rules to safeguard the rights of other data subjects to access and rectification under Articles 13 and 14 of the Regulation.
Prior check opinion regarding early detection and exclusion system database at the European Commission (Case 2016-0864)
The EDES-DB is the new system established by the Commission to reinforce the protection of the Union's financial interests and to ensure sound financial management. It replaced the Early Warning System and the Central Exclusion Database as of 1 January 2016. The rules governing EDES can now be found in the revised Financial Regulation for the EU institutions. The EDPS recommends establishing an explicit limited retention period for the further uses of the EDES-DB information envisaged in the notification.
Prior check opinion regarding remuneration policies and credits to senior officials of significant entities supervised by the ECB (Case 2017-0358)
As part of its banking supervision role, the European Central Bank has to assess and approve significant supervised entities’ remuneration policies. This may result in adverse consequences to employees of significant supervised entities, possibly excluding them from rights under their employment contracts.
The ECB also has a role to play concerning loans of significant supervised entities to their own employees, which may also result in refusing loans to them, thus excluding them from a contract.
The reform of the EU rules on data protection will support the recovering but still fragile European economy, said the European Data Protection Supervisor following the presentation of his Annual Report of activities for 2013 to the Committee on Civil Liberties, Justice and Home Affairs (LIBE) at the European Parliament.