Giovanni Buttarelli, the new European data protection supervisor (EDPS) has this month published his offices’ five year strategy plan.

The EDPS is a relatively new but increasingly influential independent supervisory authority. It is responsible for monitoring the processing of personal data by the EU institutions and bodies. It also advises on policies and legislation that affect privacy.  Mr. Buttarelli unveiled his strategy earlier this month at a presentation hosted at the European Commission where he said:

“This is a crucial moment for data protection, a period of unprecedented change and political importance, not only in the EU but globally. Our aims and ambitions for the next five years build on our strengths, successes and lessons learned. Together with our legal and technological expertise, we are uniquely placed to assist the EU to find effective, practical and innovative solutions that will respect our fundamental rights in the new digital world. Our goal is for the EU to speak – in full cooperation with colleagues at national level – with one voice on data protection, a voice which is credible, informed and relevant.”

The strategy identifies the major issues the EU is expected to face in the area of data protection and privacy over the next few years and sets out three strategic objectives and accompanying actions for meeting those challenges:

1. 1.     Data protection goes digital

To benefit from new technologies and preserve the rights of the individual, the EDPS aims to be an epicentre for creative ideas and innovative solutions, customizing existing data protection principles to fit the global digital arena. The strategy recognises the need to “go digital” in order to make these existing principles more effective in practice in our technology-driven society and to integrate them with new principles specifically arising from the digital age and the big data driven economy.

Big data, the plan says, challenges regulators and independent authorities to ensure that its principles on profiling, identifiability, data quality, purpose limitation, and data minimisation and retention periods are effectively applied in practice. The EDPS says it will work across policy areas to promote technologies that enhance privacy, transparency, user control and accountability in big data processing.

1. 2.     Forge global partnerships

The EDPS says it will invest in global partnerships with fellow experts, non-EU countries, authorities and international organisations to work towards a social consensus on principles that can inform binding laws.

1. 3.     Opening a new chapter for EU data protection

The EDPS argues that the current fragmented national approach to data protection across the EU is unsustainable. He states that it is vital that the EU adopts a new set of rules to make data protection easier, clearer and less bureaucratic. Under the plan the EDPS envisages a more proactive role for himself in the discussions between the European Commission, Parliament and Council on the data protection reform.

The Strategy is aptly titled “Leading by Example”. The tone of the report suggests the EDPS certainly intends to do just that.

Contact Mark Roberts for more information.

Disclaimer

This publication is for guidance purposes only. It does not constitute legal or professional advice. No liability is accepted by Ogier Leman for any action taken or not taken in reliance on the information set out in this publication. Professional or legal advice should be obtained before taking or refraining from any action as a result of the contents of this publication. Any and all information is subject to change.