(Dieser Artikel ist auch in deutscher Sprache verfügbar)

The EDPS (European Data Protection Supervisor), Peter Hustinx, issued on 25 July 2007 an opinion on the European Commission communication regarding the improved implementation of the EC Data protection directive (95/46), considering that the Directive should not be amended and asking for its full implementation before applying any changes.

The EDPS' opinion is that specific actions are needed in the short term to ensure the full implementation of the Directive pending the Reform Treaty that will make the Charter of Fundamental Rights legally binding, "thus offering the citizens better data protection".

"In the longer term, changes of the Directive seem unavoidable, while keeping its core principles" and "A clear date for a review to prepare proposals leading to such changes should already be set now. Such a date would give a clear incentive to start the thinking about future changes already now."

Hustinx reminds the dynamic context within which the Directive operates with the constantly changes in EU, as well as in the information society."... the free flow of information between the Member States - and between the Member States and third countries - has become more important and will become an even more important reality. ... The information society is evolving and has more and more characteristics of a surveillance society. This implies an increasing need for effective protection of personal data to deal with these new realities in a fully satisfactory way."

Some of the short-term actions that the EDPS considers necessary for a full implementation of the Directive are an efficient use of infringement procedures, the promotion of best practices, self-regulation, "privacy by design" and privacy seals type of non-binding measures.

He sees long-term measures will also be needed in order to address issues such as interoperability or the wider use of biometric data.

EDPS also considers the number of stored data should also be limited to the needs of law enforcement and that access to content data should not be made possible. Specific proper safeguards should be ensured to avoid access of non-authorised people to the stored data as well as adequate technical measures for the security of the data. In his opinion, the subjects of the stored data should be able to exercise their rights and data protection authorities should be enabled to supervise effectively.

Press release - Data protection directive: EDPS wants full implementation before considering changes to the framework (25.07.2007)
http://edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS...

Opinion of the European Data Protection Supervisor on the Communication from the Commission to the European Parliament and the Council on the follow-up of the Work Programme for better implementation of the Data Protection Directive (25.07.2007)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/...