On 2 March 2015, the European Data Protection Supervisor ("EDPS") announced his action plan for the next five years. Appointed as EDPS in December 2014, Giovanni Buttarelli presented the main objectives and the actions of his office during his mandate. Mr Buttarelli's stated goal is for the EU to speak on data protection with a single, credible, informed and relevant voice. The EDPS's 2015-2019 Strategy lays down three main objectives and ten actions to achieve these objectives.
The first area of focus is the digitalisation of data protection. The EDPS is of the opinion that data protection in the digital era should be achieved through: (i) promoting technologies to enhance privacy and data protection; (ii) identifying cross-disciplinary solutions by initiating a dialogue amongst EU bodies and regulators, academics, industry, the IT community, consumer protection organisations and others; and (iii) increasing transparency, user control and accountability in big data processing.
The second strategic objective focuses on a global approach towards data protection. In that respect, the EDPS is committed to: (i) developing an ethical dimension to data protection, exploring the relationships between human rights, technology, markets and new business models; (ii) streamlining data protection into international agreements (and ensuring a coherent and consistent application by EU institutions); and (iii) speaking with a single EU voice in the international arena. This includes a coordinated approach to key challenges to data protection such as big data, the internet of things and mass surveillance, and developing in-house expertise on comparative data protection law.
The third focus of the EDPS for 2015-2019 is to open "a new chapter for EU data protection". Clearly, this refers to the pending legislative package, where the EDPS intends to assist in resolving outstanding issues between the EU Parliament and the Council of Ministers. The EDPS stresses the urgency of reform given the speed of technological innovation, and puts forward the following actions: (i) adopting and implementing up-to-date rules (notably by cooperating with the Article 29 Working Party to be a more proactive partner in the institutional discussions concerning the data protection reform package); (ii) increasing the accountability of EU bodies processing personal information; (iii) facilitating responsible and informed policymaking; and (iv) promoting a mature conversation on security and privacy.
The fate of the office of the EDPS itself is closely tied to that of the data protection reform package. Indeed, if the legislation is passed, the EDPS will provide the secretariat for the new European Data Protection Board proposed by the draft General Data Protection Regulation.
The full EDPS Strategy 2015-2019 can be accessed here.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
