Toolbar-Menü

Entschließung: Resolution on new frameworks of cooperation

Proposer: NAIH

Co-sponsors: Dutch Data Protection Authority, Finnish Data Protection Ombudsman

Preamble

In the past years, the most important endeavour of the European privacy and data protection regulatory community has been contributing to the re-defining the framework of European data protection legislation – the new EU data protection Regulation and Directive - and to continue the updating of the Council of Europe Convention 108.

On 17th December 2015 a compromise proposal on the new EU legislative data protection package was born, and was adopted in 2016. By adopting this proposal, a new data protection regime will start after the two year preparatory phase and it will aim to provide a closer cooperation and unified action between Member States, while the existing core privacy principles will remain mostly unchanged.

The new privacy regime sets out stronger duties and obligations of data controllers and processors and also fundamentally develops the relationship between the authorities and the rules of their cooperation. By the time of the new European laws’ application in 2018 the European Data Protection Authorities will need to be well prepared.

The European Data Protection Authorities have already developed their experience in cross-border cooperation mechanisms at several levels, including the Article 29 Working Party, the Council of Europe, the European Spring Conference case-handling workshops and also at the level of the International Conference of Data Protection and Privacy Commissioners which has developed tools, resources and a dedicated annual event for cooperation on cross-border cases.

The European Conference of Data Protection Authorities noting

  • that the legal framework of data protection in Europe has fundamentally changed and the process requires dynamic and proactive reactions from Data Protection Authorities themselves to prepare for consistent cooperation and compliance
  • acknowledging that the Regulation as a directly applicable legal instrument will result in significant changes in all EU Member States
  • also acknowledging that the scope of the Regulation has expanded which will result in new tasks and powers allocated to Data Protection Authorities, as it will also be the case with the modernised Convention 108
  • mindful that the data protection authorities have obligations under the Regulation (GDPR) to provide EU-wide consistency to the conduct of their duties and obligations
  • recognising the parallel efforts to reinforce cooperation between consumer enforcers, and the synergies between regulatory frameworks for consumer, antitrust and data protection, notably in the digital society and economy
  • aware that the cooperation between data protection authorities is not only important but the only effective and efficient way to enforce data subjects’ rights in cross-border cases
  • underlining that the DPAs have an essential mission of safeguarding the right to privacy and to personal data protection as a fundamental right as stated in the Charter of Fundamental Rights of the EU
  • recalling that the two years’ time period for preparation requires that DPAs closely work together with each other and all concerned, including governments, national parliaments, public and private sectors and academia
  • recalling the lessons learned from the Article 29 Working Party, Spring Conference casehandling workshops, and the recent resources developed at the International Conference of Data Protection and Privacy Commissioners to facilitate international enforcement cooperation
     
  1. highlights the importance of effective protection of the fundamental rights of data subjects
  2. calls upon the European Data Protection Authorities for a closer, more proactive and effective cooperation
  3. reminds the European Data Protection Authorities on the necessity of a practical and innovative approach, including greater dialogue and information sharing with other regulatory bodies responsible for safeguarding the rights and interests of the individual in the digital society and economy
  4. encourages the European Data Protection Authorities to negotiate with their national governments in order to ensure all the necessary human and financial resources they need regarding the new tasks and duties
  5. recommends that future Spring Conferences report on the achievements in the field of cooperation and joint efforts

Proposer: NAIH

Co-sponsors: Dutch Data Protection Authority, Finnish Data Protection Ombudsman

Preamble

In the past years, the most important endeavour of the European privacy and data protection regulatory community has been contributing to the re-defining the framework of European data protection legislation – the new EU data protection Regulation and Directive - and to continue the updating of the Council of Europe Convention 108.

On 17th December 2015 a compromise proposal on the new EU legislative data protection package was born, and was adopted in 2016. By adopting this proposal, a new data protection regime will start after the two year preparatory phase and it will aim to provide a closer cooperation and unified action between Member States, while the existing core privacy principles will remain mostly unchanged.

The new privacy regime sets out stronger duties and obligations of data controllers and processors and also fundamentally develops the relationship between the authorities and the rules of their cooperation. By the time of the new European laws’ application in 2018 the European Data Protection Authorities will need to be well prepared.

The European Data Protection Authorities have already developed their experience in cross-border cooperation mechanisms at several levels, including the Article 29 Working Party, the Council of Europe, the European Spring Conference case-handling workshops and also at the level of the International Conference of Data Protection and Privacy Commissioners which has developed tools, resources and a dedicated annual event for cooperation on cross-border cases.

The European Conference of Data Protection Authorities noting

  • that the legal framework of data protection in Europe has fundamentally changed and the process requires dynamic and proactive reactions from Data Protection Authorities themselves to prepare for consistent cooperation and compliance
  • acknowledging that the Regulation as a directly applicable legal instrument will result in significant changes in all EU Member States
  • also acknowledging that the scope of the Regulation has expanded which will result in new tasks and powers allocated to Data Protection Authorities, as it will also be the case with the modernised Convention 108
  • mindful that the data protection authorities have obligations under the Regulation (GDPR) to provide EU-wide consistency to the conduct of their duties and obligations
  • recognising the parallel efforts to reinforce cooperation between consumer enforcers, and the synergies between regulatory frameworks for consumer, antitrust and data protection, notably in the digital society and economy
  • aware that the cooperation between data protection authorities is not only important but the only effective and efficient way to enforce data subjects’ rights in cross-border cases
  • underlining that the DPAs have an essential mission of safeguarding the right to privacy and to personal data protection as a fundamental right as stated in the Charter of Fundamental Rights of the EU
  • recalling that the two years’ time period for preparation requires that DPAs closely work together with each other and all concerned, including governments, national parliaments, public and private sectors and academia
  • recalling the lessons learned from the Article 29 Working Party, Spring Conference casehandling workshops, and the recent resources developed at the International Conference of Data Protection and Privacy Commissioners to facilitate international enforcement cooperation
     
  1. highlights the importance of effective protection of the fundamental rights of data subjects
  2. calls upon the European Data Protection Authorities for a closer, more proactive and effective cooperation
  3. reminds the European Data Protection Authorities on the necessity of a practical and innovative approach, including greater dialogue and information sharing with other regulatory bodies responsible for safeguarding the rights and interests of the individual in the digital society and economy
  4. encourages the European Data Protection Authorities to negotiate with their national governments in order to ensure all the necessary human and financial resources they need regarding the new tasks and duties
  5. recommends that future Spring Conferences report on the achievements in the field of cooperation and joint efforts
Seite drucken