1 / 17

European Privacy and Data Protection Policy

European Privacy and Data Protection Policy. Peter Hustinx 7 June 2007. ICT dependent society Fundamental rights Legal obligations Rising expectations Risks and realities Privacy governance. Why Privacy Matters. The Bridge to Reality Data Protection in action

heath
Télécharger la présentation

European Privacy and Data Protection Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. European Privacy and Data Protection Policy Peter Hustinx 7 June 2007

  2. ICT dependent society Fundamental rights Legal obligations Rising expectations Risks and realities Privacy governance Why Privacy Matters

  3. The Bridge to Reality Data Protection in action “Delivering values” in practice Facing up to consequences Top down, planning & control? Measuring your effectiveness Need for a compliance strategy Why Compliance Matters

  4. Privacy versus Security “Narrow vision” Preserving balance Monitoring safeguards Security and Privacy “Broader vision” Increased sensitivity Conditions for success “Surveillance society” Privacy by design Changing Context?

  5. CoE Convention 108 Principles, subject rights, supervisory authorities EC Directives 95/46 and 97/66 (2002/58) Article 286 EC Treaty Regulation (EC) 45/2001 Community institutions and bodies Scope of Community law Österreichischer Rundfunk > PNR Cases EU Charter > Constitutional Treaty? EU Data Protection

  6. Article 286 EC Treaty Regulation (EC) 45/2001 Independent authority Supervision Consultation Cooperation Intervention ECJ CMLR October 2006 Role of EDPS

  7. Consultation Policy Article 28.2 of Regulation 45/2001 Inventory for 2007: relevant initiatives (16 > 36) First Pillar Better implementation of Directive 95/46/EC Communications on RFID and PET Revision of E-Privacy Directive 2002/58/EC Third Pillar Data Protection Framework Implementation of Prüm Treaty Consultation

  8. Purpose of Directive Harmonisation of national law Free flow of personal data First Commission Report Work Program 2003-2004 Discussion with Member States Priority for enforcement Notification and information International transfers Promotion of PETs Directive 95/46/EC

  9. Directive 95/46/EC – State of Play Implementation has improved Some countries should do better Directive is fulfilling objectives Rules are substantially appropriate Interaction with new technology Relationship with public interests Commission 2006

  10. Directive 95/46/EC – Perspectives No proposals for amendment Focus on better implementation Infringement procedures Interpretation of provisions Work Program continues Contributions from WP29 Guidance on new technologies Reconsideration in due course Commission 2006

  11. Provisions of Directive 95/46/EC Personal data Controller / processor Applicable law Incompatible use Unambiguous consent Legitimate interests Supervisory authority Interpretation

  12. “Any information ….” content, nature, format “… relating to …” content, purpose, result “… an identified or identifiable …” reasonable means “… natural person” living individual, business data WP29 on Personal Data

  13. Directive 2002/58/EC Revision of e-Privacy Security measures Communication on RFID Applicability Directive 95/46/EC Impact of key provisions Need for additional measures Communication on PETs Analysis and standards Supporting practical use Privacy & Technology

  14. Data Protection Framework (I-II) Common standards of wide scope Consistency with Directive 95/46/EC Implementation of Prüm Treaty Cautious approach of availability Relies on existing national laws Need for minimum harmonisation Data Protection Framework (III) Condition for effective law enforcement Substantial improvement needed Opinions on Third Pillar

  15. PNR cases Joint cases C-317/04 and C-318/04 before ECJ Public access to documents Cases T-170/03 (British American Tobacco), T-161/04 (Valero Jordano) and T-194/04 (Bavarian Lager) at CFI Data retention directive 2006/24/EC Case C-301/06 (Ireland vs Council and EP) at ECJ Scope of legal basis in first pillar? Court Interventions

  16. Transatlantic Data Protection Values and Perspectives Safe Harbor, PNR and SWIFT Scope for a Common Framework Global Privacy and Data Protection Feasibility of Global Standards Developing Compliant Practices London Initiative (November 2006) “Making Data Protection More Effective” Global Privacy

  17. More information: www.edps.europa.eu edps@edps.europa.eu Postal address: Rue Wiertz 60 - MO 63 B-1047 Brussels

More Related