The second trilogue negotiation is, according to this previously released (unofficial) timetable for completion, scheduled for today, 14 July. This second meeting will focus on the issues of territorial scope (Article 3) and international transfers (Chapter V). For Datonomy readers with the stamina to read it, this 682 page document dated 8 July, but not yet uploaded to the Council’s website, has been leaked by Statewatch. It is a line-by-line table comparing the Commission, EP and Council’s respective negotiating positions on the whole Regulation. The issues of data security, data breach notification and processor obligations contained in Chapter IV of the draft, according to the above unofficial timetable, are not due to be negotiated until September. Although there are some differences of detail between the institutions’ positions, this is one of the less contentious aspects of the Regulation, and the leaked document does not contain any surprises as regards … Continue Reading ››
The European Union Agency for Fundamental Rights has published a Handbook of European data protection law, to which I was a contributor. This handbook is designed to familiarise legal practitioners who are not specialised in the field of data protection with this area of law. It provides an overview of the European Union’s and the Council of Europe’s applicable legal frameworks. The Handbook can be found here.
The latest responses by the UK government and the ICO to the EU reform proposals will (mostly) resonate with businesses concerned about some of the more far-reaching changes. The latest developments and time line Datonomy has been taking stock of two recent UK developments: the Government's response to the Justice Select Committee's opinion on the European Data Protection framework proposals published by the MOJ on 11 January, and the "latest views from the ICO" 2 –pager on 22 January. Datonomy readers are no doubt au fait with the intricacies of the EU legislative process, but may nonetheless enjoy the blog post by Deputy Commissioner David Smith with its helpful insight into the current state of play and user friendly time line. Despite the strength of the European Parliament's support for the Commission's proposals, it still has a way to go, procedurally speaking. And not everyone shares the EP's wholehearted support for every aspect … Continue Reading ››
On 28 October 2010, the European Commission decided to refer Austria to the Court of Justice for its lack of independent data protection authority (see press release IP/10/1430). The Commission deemed that provisions setting up the so-called Data Protection Commission (Datenschutzkommission) do not conform to EU rules, which require Member States to establish a completely independent supervisory body to monitor the application of Directive 95/46/EC ("Data Protection Directive"). Even though the Austrian Data Protection Act 2000 (Datenschutzgesetz 2000) sets forth that the members of the Data Protection Commission shall be "independent and not bound by instructions in the exercise of their duties", the Commission considers that “complete independence,” as required under Article 28 para 1 of the Data Protection Directive, is not guaranteed. The Commission alleges that the Data Protection Commission remains under the supervision of the Federal Chancellor because it is integrated into the Chancellery in terms of its organisation and staff … Continue Reading ››