On Tuesday, 10 January, the European Commission proposed to modernise and adapt the rules protecting personal data applied in the European institutions.
It therefore proposed to adapt the regulation dating from 2001 on new personal data protection rules adopted at the beginning of 2016 as part of the general regulation on protection of private data.
As is the case for local government or companies, the European institutions are obliged to ensure a high level of personal data protection for their members as well as for external visitors.
They must therefore meet the demands of erasing data, data rectification and the portability of data. The Commissioner in charge of this dossier, Vera Jourova said that these were not just meaningless words and that this revision partially completed the comprehensive reform of European personal data protection rules.
The new regulation therefore introduces updated standards for data protection controllers at the institutions and sets out for them what obligations must be respected in all areas of their work, such as that involving data transfers to other organisations or non-EU countries. In the latter case, everything depends on the appropriateness of the decisions taken by the Commission and whether it can establish a sufficient level of data protection in these countries as that guaranteed in the EU. (Solenn Paulic)