Annex. I. Strengthening the basic right to data protection and strengthening the rights of the individual
|
|
- Erick Daniel
- 7 years ago
- Views:
Transcription
1 Annex Comments on the consultation regarding the Communication A comprehensive approach on personal data protection in the European Union, COM(2010) 609 final I. Strengthening the basic right to data protection and strengthening the rights of the individual 1. Germany s federal and state data protection commissioners welcome the European Commission s guiding principle for the reform of EU data protection law: fully applying the fundamental right to the protection of personal data under Article 8 of the EU Charter of Fundamental Rights. 2. We also welcome the European Commission s ideas for improving the rights of the individual. As proposed in the Communication, these include introducing a general principle of transparency; introducing specific obligations for data controllers on the type of information to be provided to data subjects; improving modalities for exercising rights to access, correction, deletion or blocking of data on the Internet by electronic means; introducing a right to be forgotten ; introducing the principle of Privacy by Design; and introducing certification schemes for privacy-compliant processes, technologies and products. II. Greater legal protection on the Internet and protection against profiling 3. The federal and state data protection commissioners believe that the existing EU legal framework must be revised, especially in view of the Internet and increasing threats to privacy rights posed by new types of data processing, such as profiling or the unwanted forwarding of data, such as addresses from the contact information of third parties. 4. The Communication does not sufficiently address the issue of profiling. The federal and state data protection commissioners find the following measures to be necessary to protect individuals against unlawful profiling: Profiling should be allowed only on a concrete legal basis which is sensitive to the special threat potential of profiling, or on the basis of the data subject s informed consent. Effective consent requires comprehensive information about the range and origin of linked data, the purpose of the profile and how it will be used, the controller and planned date of deletion. Consent must be voluntary and revocable at any time. If consent is withdrawn, the profile must be immediately deleted, also by those controllers to which it has been transmitted. 1322/2011 ZUSTELL- UND LIEFERANSCHRIFT VERKEHRSANBINDUNG Husarenstraße 30, Bonn Straßenbahn 61, Finanzministerium
2 SEITE 2 VON 6 5. At EU level, the conditions under which data may be processed for the purpose of profiling, for example in the context of sensitive data as referred to in Article 8 of the Data Protection Directive (95/46), could be regulated (see also IV). In doing so, the conditions of technical data protection, such as rendering anonymous and using aliases, as well as data protection in general should be taken into account. A legal definition of profiling covering different kinds of profiles, such as behavioural, user or movement profiles, is also needed. III. Applicability of national law 6. A central issue in revising the directive relates to the applicability of national law as referred to in Article 4 of Directive 95/46. The federal and state data protection commissioners agree with the aim described in the Communication of providing for the same level of data protection for data subjects in the EU even when their personal data are processed outside the EU. 7. Because leading Internet service providers based in third countries do not currently consider themselves bound by European law, in order to apply EU and national law more effectively a criterion needs to be added which extends further than the criteria of establishment and equipment referred to in Article 4 of Directive 95/46. This (additional) criterion for matters related to third countries could, for example, be the targeted provision of a commercial or other information society service to persons residing or established in the relevant Member State. This kind of service-related criterion would cover all online products and services including social networks targeted at users in EU Member States; the criterion of residence or establishment would keep the scope of national law from extending to non-national matters. IV. Special categories of personal data (sensitive data) 8. The federal and state data protection commissioners also favour revising Article 8 of Directive 95/46 on special categories of personal data. This provision should not only be revised to include additional categories of data (such as genetic data), but also be thoroughly reworked in order to cover future developments of new data. Genetic and biometric data which have become available in this form only within the past few years are unanimously regarded as especially sensitive. Future technological and scientific developments are likely to lead to new types of data which will not be covered by a data catalogue frozen at the current state of knowledge. 9. To ensure greater flexibility, therefore, the future legislation should avoid conclusive lists of particular data categories subject to a general prohibition on processing which can be limited by extensive exceptions, which the Member States may also implement differently. Instead, we suggest including a general definition of the term sensitive data which is oriented on Recital 33, first clause, of Directive 95/46 ( data which are capable by their nature of infringing fundamental freedoms or privacy ) and mentioning specific types of data only as examples. This definition should be accompanied by
3 SEITE 3 VON 6 the additional criterion of the data processing context. In the interest of a common understanding among the Member States, legal definitions of data categories specifically referred to should be provided. 10. This approach would also cover those categories of data, the processing of which may be extremely intrusive depending on the context. This applies for example to new data processing phenomena such as profiling or facial recognition services on the Internet; it also applies to government measures such as retention of telecommunications data for possible future use. Because such data can reveal information extending to the most personal sphere, their processing should be allowed only for reasons of substantial public interest or to protect vital interests of the data subject or other persons and only under special conditions of data security. V. Form of the future EU legal framework 11. The future legal framework must not lower existing standards in the Member States to a "lowest common denominator", and it must certainly not lead to more bureaucracy in certain areas, such as notification requirements (see VI below). The federal and state data protection commissioners believe that a directive would be the most effective way of achieving this aim in view of the established traditions and legal standards in the Member States and the EU s limited legislative competence on national data processing in the public sector. VI. Corporate data protection officials 12. The greater degree of harmony sought by the European Commission must not lead to restrictions of procedures tried and tested in the Member States. For example, Germany must not be forced to give up data protection inspections which corporate data protection officials have conducted successfully for years. 13. This two-track system of in-house inspections conducted by corporate data protection officials and external inspections by government data protection authorities has proved effective. Corporate data protection officials provide companies with valuable expertise for the increasingly complex requirements of data protection. Data protection officials therefore play an important role in companies data protection compliance and serve as contact persons for the company leadership, for staff, supervisory authorities and data subjects. 14. The federal and state data protection commissioners therefore welcome the European Commission s proposal to require the appointment of an independent data protection official, as long as this also entails the possibility of simplifying or even doing away entirely with the notification requirements in Articles 18 and 19 of Directive 95/46. VII. Data protection in the areas of police and criminal justice
4 SEITE 4 VON Given the fact that the Lisbon Treaty, in Article 16 of the Treaty on the Functioning of the European Union (TFEU), has abolished the previous pillar structure of the EU and introduced a new and comprehensive legal basis for the protection of personal data, the federal and state data protection commissioners welcome the Commission s intention to consider extending the application of the general data protection rules to the areas of police and judicial cooperation in criminal matters. 16. The federal and state data protection commissioners call on the European Commission to make sure that the principles of the future EU legal framework also apply consistently to international matters (EU-third country relations and Member State-third country relations). 17. We therefore welcome the European Commission s intention to align, in the long term, the existing various sector-specific rules adopted at EU level for police and judicial cooperation in criminal matters. However, it would be desirable if the alignment process could be initiated not in the long term, as stated in the Communication, but soon, in the course of revising the directive and could be promoted by the Commission by means of appropriate initiatives at EU level. 18. Another important issue is the future organization and legal anchoring of the supervisory and advisory bodies under data protection law in the former third pillar. Not only is European law on data processing by the police is not only an incoherent and confusing conglomeration of different data protection regimes, it has also created a complex conglomeration of different supervisory and advisory bodies. Without ensuring that an advisory body exists at European level for the former third pillar, the old pillar structure would thus be incompletely overcome. The federal and state data protection commissioners believe that this task should be performed in future by the Article 29 Working Party. 19. It is also necessary to enhance the efficiency of the supervisory activities of the joint supervisory bodies of Europol, Eurojust, SIS and ZIS. The European Commission announces in its Communication that in 2011 it will launch a consultation on this matter. Apart from any need for further consultation on this matter, we believe it would be preferable to combine supervisory activities for the various information systems and institutions within a single joint supervisory body. VIII. The global dimension of data protection 20. The federal and state data protection commissioners agree with the Commission that existing processes and instruments of international data transfer must be improved and better coordinated with each other. Just as in the former third pillar, it is necessary to ensure that all existing agreements of the EU and the Member States comply with the future legal framework. 21. Effective protection for the rights of individuals should be accompanied by the necessary possibilities for enforcement at international level. Because these do not currently
5 SEITE 5 VON 6 exist in fact, it is all the more important for the European Commission to work towards strengthening the International Standards adopted at the 2009 International Data Protection Conference in Madrid and towards concluding internationally binding data protection agreements in the medium term. Precisely in the EU s relations with the U.S., strengthening the Safe Harbor regime and concluding a viable data protection agreement in the area of criminal prosecution is especially important. Such an agreement should not be limited to administrative cooperation, but should provide for individually enforceable rights and should apply also to existing bilateral agreements of the Member States. IX. Binding Corporate Rules (BCRs) 22. Related to the review of existing procedures for international data transfer is the question of how binding legal instruments and Binding Corporate Rules (BCRs) can be improved and better coordinated. In its Communication, the European Commission refers to the Opinion of the Article 29 Data Protection Working Party and the Police and Justice Working Party of 1 December 2009 (WP 168). In Nos. 37 and 38 of this Opinion, the Article 29 Working Party favours provisions recognizing the BCRs as a suitable way to provide appropriate protection measures. This would make BCRs the equivalent of the contractual clauses referred to in Article 26 (2) of the Data Protection Directive, which the federal and state data protection commissioners favour. 23. In addition, a provision should be adopted which gives data-transferring bodies security about the acceptance of the decision on the recognition of BCRs in a Member State which may be reached in cooperation with two other Member States as partners from all other Member States. For this reason, formalizing the current procedure, which is based only on non-binding agreements between data protection authorities, should be considered. A suitably short period for objections under Article 26 (3) third sentence of the Data Protection Directive could be provided; after this period has elapsed, a lack of objection would be regarded as approval of concrete BCRs. Such an explicit provision on time limits for objections would simplify the EU-wide authorization process and would avoid conflicting decisions. 24. International data transfers could also be eased by giving the Commission the possibility to decide on standard BCRs. Like those based on standard contractual clauses, data transfers based on such standard BCRs would then require no authorization. This approach has been discussed for years in Germany in both data protection and industry circles. The European Commission has so far not pursued this approach, because unlike Article 26 (2), Article 26 (4) of the Data Protection Directive refers explicitly only to contractual clauses. 25. Globally active companies increasingly use intra-group agreements made up of elements from standard contractual clauses and from already authorized BCRs. These contracts (comparable in scope to BCRs) currently require formal and lengthy review
6 SEITE 6 VON 6 by every supervisory authority concerned in Europe to be recognized as ensuring an adequate level of protection. 26. To avoid conflicting decisions by the supervisory authorities and to speed up the process of authorizing intra-group agreements in Europe, it would be appropriate for mutual recognition to apply to them (like BCRs). The European Commission should have the possibility to decide on standard intra-group agreements as well as BCRs. X. Strengthening the data protection authorities 27. The federal and state data protection commissioners welcome the Commission s intention to strengthen and clarify the status and powers of the national data protection authorities and to fully implement the concept of complete independence.
BCS, The Chartered Institute for IT Consultation Response to:
BCS, The Chartered Institute for IT Consultation Response to: A Comprehensive Approach to Personal Data Protection in the European Union Dated: 15 January 2011 BCS The Chartered Institute for IT First
More information29 October 2015 Conference of the Independent Data Protection Authorities of the Federation and the Federal States
29 October 2015 Conference of the Independent Data Protection Authorities of the Federation and the Federal States Key data protection points for the trilogue on the data protection directive in the field
More informationCOMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
EUROPEAN COMMISSION Brussels, XXX [ ](2011) XXX draft COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
More informationStatement on the general concept of the European Union towards Data Protection by Aktion Freiheit statt Angst e.v.; EU Register ID 17019643006-45
Berlin, 10. Januar 2011 Aktion Freiheit statt Angst Rochstr. 3 Directorate-General Justice Unit C3 Data protection European Commission B - 1049 Brussels Statement on the general concept of the European
More information10227/13 GS/np 1 DG D 2B
COUNCIL OF THE EUROPEAN UNION Brussels, 31 May 2013 10227/13 Interinstitutional File: 2012/0011 (COD) DATAPROTECT 72 JAI 438 MI 469 DRS 104 DAPIX 86 FREMP 77 COMIX 339 CODEC 1257 NOTE from: Presidency
More informationSection 1: Development of the EU s competence in the field of police and judicial cooperation in criminal matters
CALL FOR EVIDENCE ON THE GOVERNMENT S REVIEW OF THE BALANCE OF COMPETENCES BETWEEN THE UNITED KINGDOM AND THE EUROPEAN UNION Police and Criminal Justice LEGAL ANNEX Section 1: Development of the EU s competence
More informationDER HESSISCHE DATENSCHUTZBEAUFTRAGTE
DER HESSISCHE DATENSCHUTZBEAUFTRAGTE als Vorsitzender der Konferenz der Datenschutzbeauftragten des Bundes und der Länder 2015 Conference of the Data Protection Commissioners of the Federal Government
More informationThe reform of the EU Data Protection framework - Building trust in a digital and global world. 9/10 October 2012
The reform of the EU Data Protection framework - Building trust in a digital and global world 9/10 October 2012 Questionnaire addressed to national Parliaments Please, find attached a number of questions
More informationCorporate Policy. Data Protection for Data of Customers & Partners.
Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing
More informationHow To Protect Your Data In European Law
Corporate Data Protection Code of Conduct for the Protection of the Individual s Right to Privacy in the Handling of Personal Data within the Deutsche Telekom Group 2010 / 04 We make ICT strategies work
More informationThe eighth data protection principle and international data transfers
Data Protection Act 1998 The eighth data protection principle and international data transfers The Information Commissioner s recommended approach to assessing adequacy including consideration of the issue
More information***I DRAFT REPORT. EN United in diversity EN 2012/0011(COD) 17.12.2012
EUROPEAN PARLIAMT 2009-2014 Committee on Civil Liberties, Justice and Home Affairs 17.12.2012 2012/0011(COD) ***I DRAFT REPORT on the proposal for a regulation of the European Parliament and of the Council
More informationThe Data Protection Landscape. Before and after GDPR: General Data Protection Regulation
The Data Protection Landscape Before and after GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection)
More informationPrivacy vs Data Protection. PRESENTATION TITLE GOES HERE Eric A. Hibbard, CISSP, CISA Hitachi Data Systems
Privacy vs Data Protection PRESENTATION TITLE GOES HERE Eric A. Hibbard, CISSP, CISA Hitachi Data Systems Introduction The terms privacy and data protection are often used interchangeable In reality they
More informationI. Personal data and its use in the business to business environment.
RESPONSE FROM THE DIRECT MARKETING ASSOCIATION (UK) LTD. TO THE EUROPEAN COMMISSION'S CONSULTATION ON THE IMPLEMENTATION OF DIRECTIVE 95/46 EC ON THE PROTECTION OF INDIVIDUALS WITH REGARD TO THE PROCESSING
More informationCOMMISSION OF THE EUROPEAN COMMUNITIES GREEN PAPER
EN EN EN COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 11.11.2009 COM(2009) 624 final GREEN PAPER on obtaining evidence in criminal matters from one Member State to another and securing its admissibility
More informationProposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion
Page 1 sur 155 Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Legal nature of the instrument Règlement Directive Directly applicable act in internal law 91 articles 34 articles Art.
More information235.1. Federal Act on Data Protection (FADP) Aim, Scope and Definitions
English is not an official language of the Swiss Confederation. This translation is provided for information purposes only and has no legal force. Federal Act on Data Protection (FADP) 235.1 of 19 June
More informationProcessor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries
Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.
More informationData Protection Ensuring high level of privacy while promoting business innovation and competition
Data Protection Ensuring high level of privacy while promoting business innovation and competition Tele2 AB, Skeppsbron 18 P.O Box 2094, SE-103 13 STOCKHOLM, SWEDEN Tel +46 8 5620 0000, Fax +46 8 5620
More informationData Protection Policy.
Data Protection Policy. Data Protection Policy Foreword 2 Foreword Ladies and Gentlemen, In the information age, we offer customers the means to be always connected, even in their cars. This requires data
More informationon the Proposal for a Regulation of the European Parliament and of the Council laying
Opinion of the European Data Protection Supervisor on the Proposal for a Regulation of the European Parliament and of the Council laying down measures concerning the European single market for electronic
More informationMinister Shatter presents Presidency priorities in the JHA area to European Parliament
Minister Shatter presents Presidency priorities in the JHA area to European Parliament 22 nd January 2013 The Minister for Justice, Equality and Defence, Alan Shatter TD, today presented the Irish Presidency
More informationEUROPEAN PARLIAMENT AND COUNCIL DIRECTIVE. on a common framework for electronic signatures
COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 29.04.1999 COM(1999) 195 fmal 98/0191(COD) Amended proposal for a EUROPEAN PARLIAMENT AND COUNCIL DIRECTIVE on a common framework for electronic signatures
More informationAMENDMENTS TO THE DRAFT DATA PROTECTION REGULATION PROPOSED BY BITS OF FREEDOM
AMENDMENTS TO THE DRAFT DATA PROTECTION REGULATION PROPOSED BY BITS OF FREEDOM On 25 January 2012, the European Commission published a proposal to reform the European data protection legal regime. One
More informationBinding Corporate Rules ( BCR ) Summary of Third Party Rights
Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting
More informationInformation Sharing and Data Protection in the Area of Freedom, Security and Justice
Information Sharing and Data Protection in the Area of Freedom, Security and Justice Towards Harmonised Data Protection Principles for Information Exchange at EU-level Bearbeitet von Franziska Boehm 1.
More informationHow To Regulate Data Protection In European Union
EUROPEAN COMMISSION Brussels, XXX COM(2012) 11/3 draft Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of individuals with regard to the processing of personal
More informationeprivacy GmbH Criteria Catalogue "eprivacyapp" June 2015
eprivacy GmbH Criteria Catalogue "eprivacyapp" June 2015 The eprivacyapp seal for data security and data protection from eprivacy GmbH certifies the respective requester that his/her offer is compliant
More informationInto the Cloud: How will the Draft EU Data Protection Regulation affect cloud computing service providers and users?
10 Juni 2013 Taylor Wessing - Essay Competition 2013 Into the Cloud: How will the Draft EU Data Protection Regulation affect cloud computing service providers and users? by Katarina Kesselová, LLM. Introduction
More informationTHE PRINCIPLE OF SUBSIDIARITY
THE PRINCIPLE OF SUBSIDIARITY In areas which do not fall within the Union s exclusive competence, the principle of subsidiarity, laid down in the Treaty on European Union, defines the circumstances in
More informationCOMMISSION OF THE EUROPEAN COMMUNITIES REPORT FROM THE COMMISSION ON MONITORING THE APPLICATION OF COMMUNITY LAW (2003) OVERALL POSITION
COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 30.12.2004 COM(2004) 839 final REPORT FROM THE COMMISSION ON MONITORING THE APPLICATION OF COMMUNITY LAW (2003) OVERALL POSITION 21st ANNUAL REPORT {SEC(2004)
More informationINFORMAL HIGH-LEVEL ADVISORY GROUP ON THE FUTURE OF EU HOME AFFAIRS POLICY (THE FUTURE GROUP)
Sweden 17 October 2007 INFORMAL HIGH-LEVEL ADVISORY GROUP ON THE FUTURE OF EU HOME AFFAIRS POLICY (THE FUTURE GROUP) Discussion paper on the essentials of a European information network in 2014 I. The
More informationUnder European law teleradiology is both a health service and an information society service.
ESR statement on the European Commission Staff Working Document on the applicability of the existing EU legal framework to telemedicine services (SWD 2012/413). The European Society of Radiology (ESR)
More informationVersion 56 (29/11/2011)
EUROPEAN COMMISSION Brussels, XXX [ ](2011) XXX draft Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of individuals with regard to the processing of personal
More informationLIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 3 February 2012 5999/12 LIMITE JAI 53 USA 2 DATAPROTECT 13 RELEX 76
COUNCIL OF THE EUROPEAN UNION Brussels, 3 February 2012 5999/12 LIMITE JAI 53 USA 2 DATAPROTECT 13 RELEX 76 NOTE from: Commission services to: JHA Counsellors No. prev. doc.: 17480/10 JAI 1049 USA 127
More informationOVERVIEW. stakeholder engagement mechanisms and WP29 consultation mechanisms respectively.
Joint work between experts from the Article 29 Working Party and from APEC Economies, on a referential for requirements for Binding Corporate Rules submitted to national Data Protection Authorities in
More information12 January 2011. Register of Interest Representatives Identification number in the register: 52646912360-95
Z E N T R A L E R K R E D I T A U S S C H U S S MITGLIEDER: BUNDESVERBAND DER DEUTSCHEN VOLKSBANKEN UND RAIFFEISENBANKEN E.V. BERLIN BUNDESVERBAND DEUTSCHER BANKEN E.V. BERLIN BUNDESVERBAND ÖFFENTLICHER
More informationCivil Rights, Security and Consumer Protection in the EU
Internationale Politikanalyse Internationale Politikanalyse International Policy Analysis European Integration Working Group* Civil Rights, Security and Consumer Protection in the EU Civil Liberties: Data
More informationLIMITE EN. Background
Background Following the Paris shooting on 7 January 2015, there have been a number of developments that have recently led to the creation of the European Counter-Terrorism Centre (ECTC) and the Internet
More informationAcquia Comments on EU Recommendations for Data Processing in the Cloud
Acquia Comments on EU Recommendations for Data Processing in the Cloud Executive Summary On July 1, 2012, European Union (EU) data protection regulators provided guidelines for service providers processing
More informationPresidency conclusions on establishing a strategy to combat the manipulation of sport results
COU CIL OF THE EUROPEA U IO EN Presidency conclusions on establishing a strategy to combat the manipulation of sport results 3201st EDUCATIO, YOUTH, CULTURE and SPORT Council meeting Brussels, 26 and 27
More informationApplication of Data Protection Concepts to Cloud Computing
Application of Data Protection Concepts to Cloud Computing By Denitza Toptchiyska Abstract: The fast technological development and growing use of cloud computing services require implementation of effective
More informationOrdinary Legislative Procedure
Annex 4 LIST OF THE ARTICLES COMING UNDER ORDINARY LEGISLATIVE PROCEDURE The Treaty of Lisbon plans for extension of the so-called "codecision" procedure, which is now called "ordinary legislative procedure",
More informationFactsheet on the Right to be
101010 100101 1010 101 Factsheet on the Right to be 100 Forgotten ruling (C-131/12) 101 101 1) What is the case about and what did 100 the Court rule? 10 In 2010 a Spanish citizen lodged a complaint against
More informationJan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament
September 5, 2012 Jan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament Lara Comi Rapporteur, Committee on Internal market and Consumer Protection
More informationInsurance Europe key messages on the European Commission's proposed General Data Protection Regulation
Position Paper Insurance Europe key messages on the European Commission's proposed General Data Protection Regulation Our reference: SMC-DAT-12-064 Date: 3 September 2012 Related documents: Proposal for
More informationResponse from REGLEG to the Consultation on the Common Strategic Framework
1 Response from REGLEG to the Consultation on the Common Strategic Framework REGLEG welcomes the early publication of the Commission Staff Working Document Elements for a Common Strategic Framework 2014
More informationBinding Corporate Rules Privacy (BCRP) personal Telekom Group rights in the handling of personal data within the Deutsche Telekom Group
Binding Corporate Rules Privacy (BCRP) Binding Corporate corporate Rules rules Privacy for (BCRP) the protection of personal Telekom Group rights in the handling of personal data within the Deutsche Telekom
More informationDeclaration of Internet Rights Preamble
Declaration of Internet Rights Preamble The Internet has played a decisive role in redefining public and private space, structuring relationships between people and between people and institutions. It
More informationGuidelines on data protection in EU financial services regulation
Guidelines on data protection in EU financial services regulation 1 Contents Table of Contents 10-point checklist for analysing data protection and privacy...4 1. Data protection and financial services
More informationEUROPEAN DATA PROTECTION SUPERVISOR
C 47/6 Official Journal of the European Union 25.2.2010 EUROPEAN DATA PROTECTION SUPERVISOR Opinion of the European Data Protection Supervisor on the Communication from the Commission on an Action Plan
More informationProposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
EUROPEAN COMMISSION Brussels, 25.1.2012 COM(2012) 11 final 2012/0011 (COD) Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of individuals with regard to the processing
More informationEuropean Union Law and Online Gambling by Marcos Charif
With infringement proceedings, rulings by the European Court of Justice (ECJ) and the ongoing lack of online gambling regulation at EU level, it is important to understand the extent to which member states
More informationComments and proposals on the Chapter IV of the General Data Protection Regulation
Comments and proposals on the Chapter IV of the General Data Protection Regulation Ahead of the trialogue negotiations later this month, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International
More informationPrivacy and Transparency for Consumer Trust and Consumer Centrality
1 1 2 2 Ecommerce Europe is the association representing around 5000+ companies selling products and/or services online to consumers in Europe. Ecommerce Europe is a major stakeholder in policy issues
More informationCONSULTATION PAPER ON HIGH LEVEL PRINCIPLES ON OUTSOURCING COVER NOTE
CEBS CP 02 April 2004 COMMITTEE OF EUROPEAN BANKING SUPERVISORS CONSULTATION PAPER ON HIGH LEVEL PRINCIPLES ON OUTSOURCING COVER NOTE Introduction 1. European banking supervisors began work in 2002 on
More informationOffice 365 Data Processing Agreement with Model Clauses
Enrollment for Education Solutions Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Enrollment for Education Solutions number Microsoft to complete 7392924 GOLDS03081
More informationDrawing Lines in the Cloud: Jurisdictional Access to Data. Nancy Libin Mary Ellen Callahan
Drawing Lines in the Cloud: Jurisdictional Access to Data Nancy Libin Mary Ellen Callahan OVERVIEW Introduction to Cloud Computing Definition Benefits and Risks How does the physical location of data or
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationThe Impact of EU Data Protection Legislation. Thomas Rivera Hitachi Data Systems
Privacy PRESENTATION vs Data TITLE Protection: GOES HERE The Impact of EU Data Protection Legislation Thomas Rivera Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted
More informationHaving regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,
Opinion of the European Data Protection Supervisor on the Joint Communication of the Commission and of the High Representative of the European Union for Foreign Affairs and Security Policy on a 'Cyber
More informationSummary. Outline of the thesis
Summary International Criminal Court and United Nations Security Council. The Role of the Security Council in the Prosecution of International Crimes by the International Criminal Court Outline of the
More informationProposal for a COUNCIL REGULATION. on the establishment of the European Public Prosecutor's Office. {SWD(2013) 274 final} {SWD(2013) 275 final}
EUROPEAN COMMISSION Brussels, 17.7.2013 COM(2013) 534 final 2013/0255 (APP) Proposal for a COUNCIL REGULATION on the establishment of the European Public Prosecutor's Office {SWD(2013) 274 final} {SWD(2013)
More informationCouncil of the European Union Brussels, 15 January 2015 (OR. en) NOTE German delegation Working Party on Information Exchange and Data Protection
Council of the European Union Brussels, 15 January 2015 (OR. en) Interinstitutional File: 2012/0011 (COD) 14705/1/14 REV 1 LIMITE DATAPROTECT 146 JAI 802 MI 805 DRS 135 DAPIX 150 FREMP 178 COMIX 568 CODEC
More informationEurojust s Multi-annual. Strategic Plan 2012-2014. Organisational developments. Centre of expertise. Operational work. Partners
Eurojust s Multi-annual Strategic Plan 2012-2014 Operational work Centre of expertise Partners Organisational developments Introduction Eurojust is entering a crucial phase of development as it approaches
More informationMerchants and Trade - Act No 28/2001 on electronic signatures
This is an official translation. The original Icelandic text published in the Law Gazette is the authoritative text. Merchants and Trade - Act No 28/2001 on electronic signatures Chapter I Objectives and
More informationARTICLE 29 DATA PROTECTION WORKING PARTY
ARTICLE 29 DATA PROTECTION WORKING PARTY 3211/15/EN WP 233 Opinion 03/2015 on the draft directive on the protection of individuals with regard to the processing of personal data by competent authorities
More informationAIRBUS GROUP BINDING CORPORATE RULES
1 AIRBUS GROUP BINDING CORPORATE RULES 2 Introduction The Binding Corporate Rules (hereinafter BCRs ) of the Airbus Group finalize the Airbus Group s provisions on the protection of Personal Data. These
More informationCOMMISSION STAFF WORKING DOCUMENT. on the existing EU legal framework applicable to lifestyle and wellbeing apps. Accompanying the document
EUROPEAN COMMISSION Brussels, 10.4.2014 SWD(2014) 135 final COMMISSION STAFF WORKING DOCUMENT on the existing EU legal framework applicable to lifestyle and wellbeing apps Accompanying the document GREEN
More information12555/15 CHS/KR/np 1 DGD 2C
Council of the European Union Brussels, 2 October 2015 (OR. en) Interinstitutional File: 2012/0010 (COD) 12555/15 NOTE From: To: Presidency Council No. prev. doc.: 12266/15 No. Cion doc.: 5833/12 Subject:
More informationARTICLE 29 DATA PROTECTION WORKING PARTY
ARTICLE 29 DATA PROTECTION WORKING PARTY 00658/13/EN WP 204 Explanatory Document on the Processor Binding Corporate Rules Adopted on 19 April 2013 This Working Party was set up under Article 29 of Directive
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_D_19
Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility
More informationTelefónica response to the consultation on the implementation of the Intellectual Property Rights Enforcement Directive
ID REGISTER: Telef05162 Telefónica response to the consultation on the implementation of the Intellectual Property Rights Enforcement Directive Telefónica welcomes the opportunity to comment on the findings
More informationAll rights reserved. 2011, EuroPriSe/ULD
January 2011 Position paper on certifiability of online behavioural advertising systems according to EuroPriSe Follow-up EuroPriSe - European Privacy Seal at the Unabhängiges Landeszentrum für Datenschutz
More informationCouncil of the European Union Brussels, 14 November 2014 (OR. en) Ensuring respect for the rule of law in the European Union
Council of the European Union Brussels, 14 November 2014 (OR. en) 15206/14 FREMP 198 JAI 846 COHOM 152 POLG 156 NOTE From: To: Subject: Presidency Council Ensuring respect for the rule of law in the European
More informationPanel 1. Greater Regulation of Special Threats to Privacy. Data Protection in the 21st Century
Panel 1 Greater Regulation of Special Threats to Privacy Data Protection in the 21st Century Questions for Panel 1 Greater Regulation of Special Threats to Privacy I. Need for reform What are currently
More informationImproving self-regulation through (law-based) Corporate Data Protection Officials *
Improving self-regulation through (law-based) Corporate Data Protection Officials * Article by Christoph Klug ** The rise of globalization and multinational corporations is creating a pressing need for
More informationENFORCEMENT OF IP RIGHTS IN THE DIGITAL ENVIRONMENT CONCERNS, CHALLENGES AND ACTIONS REQUIRED FOR THE PROTECTION OF THE SINGLE MARKET.
ENFORCEMENT OF IP RIGHTS IN THE DIGITAL ENVIRONMENT CONCERNS, CHALLENGES AND ACTIONS REQUIRED FOR THE PROTECTION OF THE SINGLE MARKET GRUR Workshop Brussels March 7, 2007 Michael Keplinger* Overview: 1.
More informationCOMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
EUROPEAN COMMISSION Brussels, 20.9.2011 COM(2011) 573 final COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE
More informationCouncil of the European Union Brussels, 12 September 2014 (OR. en)
Council of the European Union Brussels, 12 September 2014 (OR. en) Interinstitutional File: 2013/0409 (COD) 13132/14 NOTE From: To: Presidency DROIPEN 104 COPEN 218 CODEC 1799 Working Party on Substantive
More informationTHOMSON REUTERS HUMAN RIGHTS LAW CONFERENCE 2014. Privacy, data retention and state surveillance: Digital Rights Ireland.
THOMSON REUTERS HUMAN RIGHTS LAW CONFERENCE 2014 Privacy, data retention and state surveillance: Digital Rights Ireland Jessica Simor QC Matrix chambers 1. Anya has spoken about Costeja. That case raises
More informationARTICLE 29 Data Protection Working Party
ARTICLE 29 Data Protection Working Party 00451/06/EN WP 118 Working Party 29 Opinion 2/2006 on privacy issues related to the provision of email screening services Adopted on 21 February 2006 This Working
More informationData protection compliance checklist
Data protection compliance checklist What is this checklist for? This checklist is drawn up on the basis of analysis of the relevant provisions of European law. Although European law aims at harmonizing
More informationE U R O P E A N E C O N O M I C A R E A
E U R O P E A N E C O N O M I C A R E A S T A N D I N G C O M M I T T E E O F T H E E F T A S T A T E S Distribution: EEA EFTA 20 March 2012 SUBCOMMITTEE I ON THE FREE MOVEMENT OF GOODS EEA EFTA Comment
More information7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data
Akzo Nobel N.V. Executive Committee Rules 7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data Source Directive Content Owner Directive 7.08 Protection of Personal Data AkzoNobel Legal
More informationPUBLIC PROCUREMENT CONTRACTS
PUBLIC PROCUREMENT CONTRACTS Public authorities conclude contracts to ensure the supply of works and delivery of services. These contracts, concluded in exchange for remuneration with one or more operators,
More informationE-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY
E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY Oana Dolea 7 th Annual Leg@l.IT Conference March 26th, 2013 Montreal, Canada INTRODUCTION Mobile e-commerce vs. E-commerce Mobile e-commerce:
More informationPlanning application process improvements
Planning application process improvements Government response to consultation January 2015 Department for Communities and Local Government Crown copyright, 2015 Copyright in the typographical arrangement
More informationRESTREINT UE/EU RESTRICTED
COUNCIL OF THE EUROPEAN UNION Brussels, 9 April 2014 8761/14 RESTREINT UE/EU RESTRICTED JAI 220 USA 9 DATAPROTECT 56 RELEX 319 NOTE from : Commission Services to : JHA Counsellors No. prev. doc. : 5999/12
More informationStatewatch analysis. EU Reform Treaty Analysis no. 3.1: Revised text of Part One of the Treaty establishing the European Community (TEC)
Introduction Statewatch analysis EU Reform Treaty Analysis no. 3.1: Revised text of Part One of the Treaty establishing the European Community (TEC) Prepared by Professor Steve Peers, University of Essex
More informationPersonal data and cloud computing, the cloud now has a standard. by Luca Bolognini
Personal data and cloud computing, the cloud now has a standard by Luca Bolognini Lawyer, President of the Italian Institute for Privacy and Data Valorization, founding partner ICT Legal Consulting Last
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 29 September 2009 13707/09 LIMITE PI 93
COUNCIL OF THE EUROPEAN UNION Brussels, 29 September 2009 13707/09 LIMITE PI 93 WORKING DOCUMENT from: General Secretariat of the Council to: Working Party on Intellectual Property (Patents) No. prev.
More informationThe new European directive on the rights to interpretation and translation in criminal proceedings
Caroline Morgan, European Commission The new European directive on the rights to interpretation and translation in criminal proceedings 1 Introduction On 20 October 2010, the European Parliament and the
More informationBILL. To be introduced by the Minister for Justice and Constitutional Development
1 ANNEXURE B BILL An Act to promote the protection of personal information processed by public and private bodies; to provide for the establishment of an Information Protection Commission; and to provide
More informationGuidelines for the use of electronic signature
Republic of Albania National Authority for Electronic Certification Guidelines for the use of electronic signature Guide Nr. 001 September 2011 Version 1.3 Guidelines for the use of electronic signature
More informationAGREEMENT BETWEEN THE UNITED STATES OF AMERICA AND THE EUROPEAN POLICE OFFICE
AGREEMENT BETWEEN THE UNITED STATES OF AMERICA AND THE EUROPEAN POLICE OFFICE Preamble The United States of America and the European Police Office (Europol): considering that it is within their common
More informationBrief Summary on the Philippine B bilateral Air Services Agreement
EUROPEAN COMMISSION Brussels, 27.5.2016 COM(2016) 303 final 2016/0156 (NLE) Proposal for a COUNCIL DECISION on the conclusion of the Agreement between the European Union and the Government of the Republic
More informationTHE FORTY RECOMMENDATIONS OF THE FINANCIAL ACTION TASK FORCE ON MONEY LAUNDERING
THE FORTY RECOMMENDATIONS OF THE FINANCIAL ACTION TASK FORCE ON MONEY LAUNDERING 1990 A. GENERAL FRAMEWORK OF THE RECOMMENDATIONS 1. Each country should, without further delay, take steps to fully implement
More information