[e-privacy] European Commission sets out strategy to strengthen EU data protection rules

Andrea Glorioso andrea a digitalpolicy.it
Gio 4 Nov 2010 17:41:10 CET 

http://europa.eu/rapid/pressReleasesAction.do?reference=IP/10/1462&format=HTML&aged=0&language=EN&guiLanguage=en

European Commission sets out strategy to strengthen EU data protection rules

What happens to your personal data when you board a plane, open a bank
account, or share photos online? How is this data used and by whom? How
do you permanently delete profile information on social networking
websites? Can you transfer your contacts and photos to another service?
Controlling your information, having access to your data, being able to
modify or delete it – these are essential rights that have to be
guaranteed in today's digital world. To address these issues, the
European Commission today set out a strategy on how to protect
individuals' data in all policy areas, including law enforcement, while
reducing red tape for business and guaranteeing the free circulation of
data within the EU. This policy review will be used by the Commission
with the results of a public consultation to revise the EU’s 1995 Data
Protection Directive. The Commission will then propose legislation in 2011.

"The protection of personal data is a fundamental right," said
Vice-President Viviane Reding, EU Commissioner for Justice, Fundamental
Rights and Citizenship. "To guarantee this right, we need clear and
consistent data protection rules. We also need to bring our laws up to
date with the challenges raised by new technologies and globalisation.
The Commission will put forward legislation next year to strengthen
individuals' rights while also removing red tape to ensure the free flow
of data within the EU’s Single Market."

Today's strategy sets out proposals on how to modernise the EU framework
for data protection rules through a series of key goals:

    * Strengthening individuals' rights so that the collection and use
of personal data is limited to the minimum necessary. Individuals should
also be clearly informed in a transparent way on how, why, by whom, and
for how long their data is collected and used. People should be able to
give their informed consent to the processing of their personal data,
for example when surfing online, and should have the "right to be
forgotten" when their data is no longer needed or they want their data
to be deleted.

    * Enhancing the Single Market dimension by reducing the
administrative burden on companies and ensuring a true level-playing
field. Current differences in implementing EU data protection rules and
a lack of clarity about which country's rules apply harm the free flow
of personal data within the EU and raise costs.

    * Revising data protection rules in the area of police and criminal
justice so that individuals' personal data is also protected in these
areas. Under the Lisbon Treaty, the EU now has the possibility to lay
down comprehensive and coherent rules on data protection for all
sectors, including police and criminal justice. Naturally, the
specificities and needs of these sectors will be taken into account.
Under the review, data retained for law enforcement purposes should also
be covered by the new legislative framework. The Commission is also
reviewing the 2006 Data Retention Directive, under which companies are
required to store communication traffic data for a period of between six
months and two years.

    * Ensuring high levels of protection for data transferred outside
the EU by improving and streamlining procedures for international data
transfers. The EU should strive for the same levels of protection in
cooperation with third countries and promote high standards for data
protection at a global level.

    * More effective enforcement of the rules, by strengthening and
further harmonising the role and powers of Data Protection Authorities.
Improved cooperation and coordination is also strongly needed to ensure
a more consistent application of data protection rules across the Single
Market.

The way forward

The Commission's policy review will serve as a basis for further
discussion and assessment. The Commission is calling on all stakeholders
and the public to comment on the review's proposals until 15 January
2011. Submissions can be made on the Commission’s public consultation
web site:

http://ec.europa.eu/justice/news/consulting_public/news_consulting_0006_en.htm

Building on this, the Commission will present proposals for a new
general data protection legal framework in 2011, which will then need to
be negotiated and adopted by the European Parliament and the Council.

In addition, the Commission will examine other measures, such as
encouraging awareness-raising campaigns on data protection rights and
possible self-regulation initiatives by industry.

Background

EU data protection rules (the 1995 Data Protection Directive 95/46/EC)
aim to protect the fundamental rights and freedoms of natural persons,
and in particular the right to data protection, as well as the free flow
of data. This general Data Protection Directive has been complemented by
other legal instruments, such as the e-Privacy Directive for the
communications sector. There are also specific rules for the protection
of personal data in police and judicial cooperation in criminal matters
(Framework Decision 2008/977/JHA).

The right to the protection of personal data is explicitly recognised in
Article 8 of the EU's Charter of Fundamental Rights and in the Lisbon
Treaty. The Treaty provides the legal basis for rules on data protection
for all activities within the scope of EU law under Article 16.

In 2009, the Commission launched a review of the current legal framework
on data protection, starting with a high-level conference in May 2009,
followed by a public consultation running until the end of 2009.
Targeted stakeholders consultations were organised throughout 2010. In
January 2010, Vice-President Viviane Reding announced the Commission's
intention to modernise EU data privacy rules in a speech on Data
Protection Day (see IP/10/63 and SPEECH/10/441) in her previous role as
Information Society Commissioner. Today’s Communication was produced in
agreement with Neelie Kroes, EU Commissioner in charge of the Digital
Agenda.

Justice Directorate-General Newsroom:

http://ec.europa.eu/justice/news/intro/news_intro_en.htm

Homepage of Vice-President Viviane Reding, EU Commissioner for Justice,
Fundamental Rights and Citizenship:

http://ec.europa.eu/commission_2010-2014/reding/index_en.htm

MEMO/10/542

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://lists.winstonsmith.org/pipermail/e-privacy/attachments/20101104/9bf7f97a/attachment.pgp>

More information about the e-privacy mailing list