Progress of the Data Protection Directive (95/46/EC)

The Data Protection Directive (95/46/EC) aims to regulate the flows of private information collection regarding natural individuals. The text is based on (and fully incorporates) a previous work of the OECD which underlined 7 principles to be followed when it comes to regulate such matter:- Notice—data subjects should be given notice when their data is being collected;

- Purpose—data should only be used for the purpose stated and not for any other purposes;

- Consent—data should not be disclosed without the data subject’s consent;

- Security—collected data should be kept secure from any potential abuses;

- Disclosure—data subjects should be informed as to who is collecting their data;

- Access—data subjects should be allowed to access their data and make corrections to any inaccurate data; and

- Accountability—data subjects should have a method available to them to hold data collectors accountable for following the above principles.[1]

The text regulates the processing of private/personal data as the Commission wished to avoid these operations. “Processing” information is a set up of actions eventually leading to any alteration of any kind upon personal data. Every citizen in the European Union has the right to know which data are stored and collected and the “controller” (the person / organisation which possess the data). The “controller” is required to be identified and has to clearly edict its purpose in data collection. In order to frame transparency in data processing, the Commission wrote the conditions for a fair “process” (Art 7)[2]. Controllers of the data have to refer to a supervision body in each member state which is asked to make sure these organisations give sufficient disclosure on their identification data (art 19).

The Commission has scheduled a review of the Data Retention Directive as “recent judgments of Member States constitutional courts” let appear that it should better match the “data retention obligations with law enforcement needs, protection of personal data (rights to privacy)”.

Though, no date is mentioned as for the start of a legislative procedure in the programme for 2011 and the European Union’s citizens will still have to see the “new approach” solemnly claimed by the Commission.


[1] http://en.wikipedia.org/wiki/Data_Protection_Directive

[2] http://en.wikipedia.org/wiki/Data_Protection_Directive

Leave a Reply

%d bloggers like this: