European Data Protection Supervisor (EDPS) Peter Hustinx has
issued a plea for more care in negotiations over a framework
decision on data protection as it relates to crime and policing. "I
fear that the negotiations in Council might lead to an inadequate
outcome," said Hustinx.
The Council of Ministers is negotiating a framework of data
protection in the third pillar, which means in the realm of law,
policing and immigration.
"Delegations must understand that good data protection goes hand
in hand with good law enforcement," said Hustinx, who is
responsible for making sure that European bodies comply with data
protection law.
"If they succeed in agreeing on a high level of protection for
all data, including 'purely' domestic processing, they will at the
same time improve trust between EU police and judicial
authorities," he said.
Hustinx said that his main concern was that two classes of data
files were being created, between data from one country and data
from any other member state. He said that this would make it harder
for citizens to exercise their rights.
Hustinx also said that there was a risk that the framework could
allow for the processing of information on a person's religion,
race or ethnic origin without sufficient safeguards, and that there
was not enough protection against the exchange of information with
bodies that were not concerned with law enforcement.
Echoing a concern in relation to economic data, he said that
current plans did not ensure adequate protections for information
being transferred to other countries. One European body, bank
payments organisation SWIFT, has been reprimanded by data
protection authorities for allowing transaction details to be
transferred to the US, where data protection is weaker.
"Some basic rights for data subjects, like the right to be
informed, no longer seem to be guaranteed," said a statement from
Hustinx's office. "Exceptions to this right may become the
rule."
Hustinx's office also signed an agreement with EU complaints
body the European Ombudsman P Nikiforos Diamandouros to co-operate
on complaints relating to the duties of both offices. The two
bodies agreed to inform each other when complaints relevant to the
other were made.
"Because maladministration includes failure by the EU
institutions to comply with their data protection obligations, it
is important that we coordinate on cases where our competences
partly overlap," said a joint statement from the two offices. "This
agreement builds upon the current practice of good cooperation
between our two institutions".
Disclaimer: We hope you find OUT-LAW’s content useful. It’s prepared by the lawyers at Pinsent Masons. Please remember, though, that it’s intended as general information only. It’s not legal advice. If that’s what you’re seeking, please
contact us. See also: our
full disclaimer
