Privacy & Information Security Law Blog

On June 16, 2011, the Hungarian Presidency of the Council of the European Union hosted the first day of a high-level international data protection conference in Budapest.  The conference was attended by approximately 150 people, most of whom are representatives of EU governments, data protection authorities (“DPAs”), the European Commission, and other governmental groups such as the Council of Europe.

Below we provide some highlights from the first day’s events:

• Françoise Le Bail, Director General for the European Commission’s Directorate-General Justice, stated that the Commission’s proposal for a revised EU legal framework for data protection will be finalized this summer and published in November.  She stated that the Commission’s proposal will strengthen and provide for better enforcement of individual rights, increase harmonization and legal certainty, reduce the burdens on data controllers while maintaining current levels of data protection, strengthen the powers of DPAs, and promote the global dimension of data protection (e.g., through greater recognition of binding corporate rules).  She noted in particular that mechanisms should be developed to deal with situations in which DPAs disagree on issues of common concern.
• María Aurora Mejía Errasquín, Director General for International Legal Cooperation and Religious Affairs in the Spanish Ministry of Justice, stated that, in the coming months, one of the European Council’s priorities will be negotiating a data sharing agreement with the U.S. government that includes granting rights to Europeans whose data are processed in the U.S.
• Piotr Stachańczyk, Undersecretary of State in the Polish Ministry of Interior and Administration, announced that the upcoming Polish presidency will host a major data protection conference in Warsaw on September 21, 2011, and all are invited to attend.
• Peter Hustinx, European Data Protection Supervisor, stressed the importance of enacting a horizontal instrument that would cover all aspects of data protection (including law enforcement), increasing harmonization of the law, strengthening the powers of DPAs, and making data controllers more accountable and responsible.
• On a panel dealing with harmonization of the law and internal market aspects of data protection, Marie-Hélène Boulanger, Head of Data Protection Unit for the European Commission’s Directorate-General Justice, stated that, according to a recent Eurobarometer survey published by the Commission, 90% of respondents indicated that they are in favor of having unified data protection rights across the EU.
• On the cloud computing panel, there was a lively discussion among the three panelists: Slawomir Gorniak, Expert in the Security Tools and Architecture Section of the European Network and Information Security Agency, Janni Christoffersen, Director of the Danish Data Protection Agency, and Wojciech Rafał Wiewiórowski, the Polish Inspector General for Data Protection.  Gorniak explained security issues in cloud computing, Christoffersen discussed two decisions that the Danish DPA has rendered involving cloud computing, and Wiewiórowski addressed concerns regarding liability of cloud computing service providers.  As we reported earlier this week, on June 13, Wiewiórowski hosted a conference in Warsaw on the use of binding corporate rules for international data transfers.
• The final panel of the day focused on the topic of raising the general public’s awareness of data protection issues.