Data protection guides

Data protection reform - guide — 25 January 2012, 15:13 CET

The European Commission has today proposed a comprehensive reform of the EU's 1995 data protection rules to strengthen online privacy rights and boost Europe's digital economy. Technological progress and globalisation have profoundly changed the way our data is collected, accessed and used. In addition, the 27 EU Member States have implemented the 1995 rules differently, resulting in divergences in enforcement. A single law will do away with the current fragmentation and costly administrative burdens, leading to savings for businesses of around €2.3 billion a year. The initiative will help reinforce consumer confidence in online services, providing a much needed boost to growth, jobs and innovation in Europe.

New EU-US agreement on the transfer of Passenger Name Record (PNR) data - guide — 21 November 2011, 15:16 CET

The European Commission has initialled an agreement with the US that, if endorsed by the Council and the European Parliament, would replace the existing agreement from 2007 that currently regulates the transfer of Passenger Name Record (PNR) by air carriers to the US. The request to re-negotiate the existing PNR Agreement came from the European Parliament as part of its new role in the post-Lisbon era, and Commissioner Malmström started negotiations in December 2010 after receiving negotiating authorisation from the Council. The new text represents a substantial improvement over the existing 2007 Agreement and Commissioner Malmstrom intends to ask the green light of the Council and the European Parliament to sign it soon.

Evaluation report of the Data Retention Directive — 19 April 2011, 17:06 CET

Data concerning telecommunications traffic through telephone networks and through the internet is, to some extent, retained (stored) by telecommunication service providers for their own commercial purposes (e.g., for billing purposes). The Data Retention Directive seeks to harmonise certain aspects of national rules on such storage. It requires telecommunication service providers to store traffic and location data regarding fixed and mobile telephony, internet access, email and telephony, for a period of at least six months (and no more than two years), and to make it available on request to law enforcement authorities for the purpose of investigation, detection and prosecution of serious crime and terrorism.

EU proposal for passenger data to fight serious crime and terrorism - guide — 02 February 2011, 18:50 CET

The European Commission has presented a proposal for an EU Passenger Name Record (PNR) Directive to fight serious crime and terrorism. The proposal obliges air carriers to provide EU Member States with data on passengers entering or departing from the EU, whilst guaranteeing a high level of protection of privacy and personal data.

EU data protection rules reform - guide — 04 November 2010, 16:07 CET

What happens to your personal data when you board a plane, open a bank account, or share photos online? How is this data used and by whom? How do you permanently delete profile information on social networking websites? Can you transfer your contacts and photos to another service? Controlling your information, having access to your data, being able to modify or delete it – these are essential rights that have to be guaranteed in today's digital world. To address these issues, the European Commission sets out a strategy on how to protect individuals' data in all policy areas, including law enforcement, while reducing red tape for business and guaranteeing the free circulation of data within the EU. This policy review will be used by the Commission with the results of a public consultation to revise the EU’s 1995 Data Protection Directive. The Commission will then propose legislation in 2011.

EU external strategy on Passenger Name Record (PNR) - guide — 21 September 2010, 19:07 CET

The European Commission has adopted a package of proposals on the exchange of Passenger Name Record (PNR) data with third countries, consisting of an EU external PNR strategy and recommendations for negotiating directives for new PNR agreements with the United States, Australia and Canada.

EU-US data protection agreement negotiations - briefing — 26 May 2010, 23:33 CET

The European Commission today adopted a draft mandate to negotiate a personal data protection agreement between the European Union and the United States when cooperating to fight terrorism or crime. The aim is to ensure a high level of protection of personal information like passenger data or financial information that is transferred as part of transatlantic cooperation in criminal matters. The agreement would enhance the right of citizens to access, rectify or delete data, where appropriate.

RFID: Radio Frequency IDentification - briefing — 13 May 2009, 23:43 CET

Europeans should be able to have control over smart chips, a worldwide market set to grow five times over in the next decade, while still being able to easily use them to make everyday life simpler, says the European Commission. There are already over 6 billion smart chips, microelectronic devices that can be integrated into a variety of everyday objects from fridges to bus passes. With Radio Frequency Identification (RFID) technology, they can process data automatically when brought close to 'readers' that activate them, pick up their radio signal and exchange data with them. They are in the passes you use to enter your office and the smart cards that pay highway tolls. Today, the Commission adopted a set of recommendations to make sure that everyone involved in the design or operation of technology using smart chips respects the individual's fundamental right to privacy and data protection, contained in the Charter of Fundamental Rights of the European Union proclaimed on 14 December 2007.

The SWIFT case and the American Terrorist Finance Tracking Program — 28 June 2007, 16:27 CET

After the 11th September 2001 terrorist attacks, the United States Department of the Treasury ("U.S. Treasury") developed the "Terrorist Finance Tracking Program" ("TFTP"). The TFTP is based on United States statutory mandates and Executive Orders authorising the U.S. Treasury to use appropriate measures to identify, track and pursue those who provide financial support for terrorist activity.

Privacy Enhancing Technologies (PETs) — 02 May 2007, 22:47 CET

The use of Privacy Enhancing Technologies (PETs) can help to design information and communication systems and services in a way that minimises the collection and use of personal data and facilitate compliance with data protection rules. The use of PETs should result in making breaches of certain data protection rules more difficult and/or helping to detect them.

Data protection in the EU — 25 August 2006, 12:07 CET

Concerns about personal data collection on the Internet are increasing. Developments in the European Union fo create of a frontier free Internal Market and the EU's so-called 'Information Society' have greatly increases the cross-frontier flows of personal data between Member States of the EU.