Privacy & Information Security Law Blog

On June 15, 2011, European Data Protection Supervisor (“EDPS”) Peter Hustinx gave a press conference to present his annual report for 2010.  The annual report provides an overview of the EDPS’ main activities in 2010 and sets forth key priorities and challenges for the future.

In his speech, Hustinx focused primarily on the review of the EU data protection framework and the Data Retention Directive.  He referenced his recent Opinion in which he concluded that the Data Retention Directive does not meet general EU data protection requirements and that the European Commission should explore the possibility of replacing it with alternative measures such as data preservation through a “quick freeze” procedure.  Hustinx also stated his intention to keep a close eye on any developments with respect to RFID technology, cloud computing and online enforcement of intellectual property rights.

The EDPS also took the opportunity to call on private companies to enhance data protection compliance in the Information and Communication Technologies (“ICT”) environment.  Although supervision of private companies does not fall under his jurisdiction, Hustinx discussed how the current review of the data protection framework is aimed primarily at making companies more accountable and strengthening the rights of individuals in the Internet era.  In particular, Hustinx suggested that under the future framework all companies should conduct Privacy Impact Assessments and implement privacy by design prior to introducing new products.  Along the same lines, the EDPS also called for layered privacy notices aimed at increasing users’ control over their personal data.

View a copy of the EDPS Annual Report for 2010.