European Data Protection Supervisor (EDPS)

By Phil Bradley-Schmieg 

As we previewed last month, it has now been confirmed that Giovanni Buttarelli will be appointed as the next European Data Protection Supervisor (EDPS), the data protection watchdog and advisor to the various rulemaking and supervisory bodies that make up the EU.  Mr Buttarelli currently serves as Deputy EDPS under Peter Hustinx.

Covington will be hosting a book launch for the 2014 title ‘Data Protection & Privacy Law 2nd Edition’, edited by Monika Kuschewsky, in partnership with The European Lawyer (Thomson Reuters) on September 23, 2014 in Brussels. The event will comprise a half-day workshop followed by a drinks reception. We are pleased to confirm

“The evolution of big data has exposed gaps in EU competition, consumer protection and data protection policies”, said Peter Hustinx, the European Data Protection Supervisor (EDPS), when presenting the EDP’s preliminary opinion on the interplay between these three policy areas. The Opinion titled “Privacy and Competitiveness in the Age of Big Data”, issued on 26 March 2014, (the Opinion) aims at stimulating a debate between experts and practitioners. The EDPS’ preliminary opinions are not legally binding but intended to inform and facilitate discussion.Continue Reading The New EDPS Opinion “Privacy and Competitiveness in the Age of Big Data”

In a new opinion on the Commission’s proposal for a Regulation on electronic identification (“eID”) and trusted services, the European Data Protection Supervisor (“EDPS”) has called, amongst other things, for security measures that trust service providers must apply to their services to be specified directly in legislation rather than left to the Commission to define at a later stage.  The EDPS has also called for additional data privacy safeguards, higher security controls to apply to authorities that issue eIDs, more detailed mechanisms on how to ensure that eIDs and trust services are interoperable at EU level, and for data breach notification requirements under this proposal to be aligned with requirements under the e-privacy Directive and proposed new data protection Regulation.Continue Reading European Data Protection Supervisor Issues New Opinion On Proposed European Regulation Of eIDs And Trusted Services

The European Data Protection Supervisor (EDPS), Peter Hustinx, recently published a response to a European Commission consultation on reform of the “notice-and-action” (“N&A”) procedure rules — i.e., the legal regime that requires Internet intermediaries to remove hosted content when they are notified that such content is illegal.  As set out in more detail below, the EDPS response draws attention to the impact of N&A procedures on data protection and privacy rights, and voices support for a variety of measures, including harmonising the definition of “illegal content”, clarifying the definition of “hosting” and the extent to which hosting providers should take proactive steps to remove illegal content.

The EDPS’s views will be added to those of other stakeholders including rightholders, many of whom have called for a transparent and user-friendly procedure that includes an accessible appeals process and sanctions against abusive notices.  Rightholders also see value in intermediaries providing APIs that enable rightholders to remove infringing content directly, as some online platforms already do today.Continue Reading European Data Protection Supervisor Calls For Clearer and More Privacy-Friendly Rules On Internet Intermediary Liability

The European Data Protection Supervisor (“EDPS”) has issued an opinion on Europe’s strategy for protecting children on the Internet.  The European Commission consults with the EDPS on a variety of data protection issues.  However, the opinions of the EDPS are not legally binding. 

Among other things, the EDPS expressed support for: 

  • The implementation of technical tools, such as age-appropriate default privacy settings, to enhance the privacy of children online.     
  • Clear notice about the impact a change to a default setting would have on a child’s privacy and the potential harm it may cause. In particular, the EDPS suggested that in some circumstances a child might not be permitted to change the default settings, or might change the defaults only with parental consent, stating that the “extent to which a child may change the default privacy settings should also be linked to the age and level of maturity of the child.  It should be explored to what extent, and within which age group, parental consent would be required to validate a change of privacy settings.” 
  • A requirement that service providers inform children about the level of sensitivity of each piece of information they provide when creating an online profile and about the potential risks or harms they may encounter when such information is disclosed to a defined group of people or to the public. 
  • A restriction on industry’s ability to create online behavioral advertising segments that target children.
  • A legal mandate for industry to deploy an EU-wide reporting tool for content that is harmful to children.

Continue Reading European Data Protection Supervisor Issues Opinion on Children’s Privacy

Earlier this week the European Data Protection Supervisor (“EDPS”) adopted an Opinion on the proposed Anti-Counterfeiting Trade Agreement (“ACTA”) between the EU and its Member States, Australia, Canada, Japan, the Republic of Korea, the United Mexican States, the Kingdom of Morocco, New Zealand, the Republic of Singapore, the Swiss Confederation and the USA.

The Agreement aims to protect intellectual property rights (“IP rights”) by developing a common approach to enforcement and facilitating cooperation at international level.  Though ACTA includes a wide range of provisions addressing issues such as the counterfeiting of goods and the unlawful use of trademarks, the Opinion focuses in particular on measures relating to the enforcement of IP rights in the digital environment.Continue Reading EU Watchdog Raises Privacy and Data Protection Concerns About Proposed Treaty To Protect Intellectual Property