Brussels, 19/01/2011 (Agence Europe) - The European Data Protection Supervisor (EDPS) supports the main objectives and challenges identified by the European Commission in its reform strategy of the legal framework for data protection (EUROPE 10250). However, he is calling for “more ambitious” solutions to be envisaged, in order to make the system more efficient and to give the citizens better control over their personal data. These are the conclusions of the opinion published by EDPS Peter Hustinx 18 January on the strategy recommended by the European executive in this matter.
In his opinion, “in an information society where huge amounts of personal information are constantly being processed (…), if we want to strengthen citizens' rights over their personal data, we need to ensure that individuals remain in control and that data controllers proactively include data protection and business activities. There is also a crucial need for a comprehensive framework that includes the areas of police and justice”.
The EDPS went on to state that the following guiding principles should inform the process for the revision of the current directive on the protection of personal data: - the right of individuals should be strengthened: data protection is a fundamental right and individuals should be protected under all circumstances. The EDPS proposes introducing obligatory notification of security breaches covering all sectors concerned, as well as new rights, especially in the online environment, such as the right to be forgotten and data portability (the right to be forgotten refers to the right to have one's data deleted or not further disseminated after a set period of time. Data portability is the ability to shift data from one place to another and not be tied to a particular system). Data on children should also be better protected; - the responsibility of organisations needs to be reinforced: the new framework should include incentives for data controllers in the public and private sectors to take the initiative to include new tools in their operational processes in order to ensure compliance with data protection (accountability principle). The EDPS proposes the introduction of general provisions on accountability and “privacy by design”; - including police and judicial cooperation in the legal framework is a vital condition for ensuring effective protection; - greater harmonisation should be one of the main objectives of the revision. The data protection directive should be replaced with a directly applicable regulation; - the new legal framework should be formulated in a technologically neutral way and should aim to create legal security in the long run; - the execution powers of the data protection authorities should be reinforced and their independence guaranteed across the EU. (O.L./transl.fl)