This document is an excerpt from the EUR-Lex website
Ensuring citizens’ privacy: the European Data Protection Supervisor
Ensuring citizens’ privacy: the European Data Protection Supervisor
Ensuring citizens’ privacy: the European Data Protection Supervisor
This summary has been archived and will not be updated. See 'Protection of individuals with regard to the processing of personal data by EU institutions, bodies, offices and agencies' for an updated information about the subject.
Ensuring citizens’ privacy: the European Data Protection Supervisor
This European Union law sets out to ensure that citizens’ fundamental rights and freedoms, in particular the right to privacy with respect to the processing of personal data* by EU institutions and bodies, is respected.
ACT
Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the institutions and bodies of the Community and on the free movement of such data.
SUMMARY
This European Union law sets out to ensure that citizens’ fundamental rights and freedoms, in particular the right to privacy with respect to the processing of personal data* by EU institutions and bodies, is respected.
WHAT DOES THE REGULATION DO?
It establishes the European Data Protection Supervisor (EDPS). It sets out the rules to ensure that personal data managed by EU institutions and bodies is respected and defines citizens’ rights in this respect.
KEY POINTS
The European Data Protection Supervisor
This regulation provides for the establishment of an EDPS, the authority responsible for monitoring the application of the data protection rules by EU institutions and bodies. Citizens can lodge complaints directly with the EDPS if they consider their data protection rights under the regulation have not been respected.
Each EU institution and body must appoint at least one data protection officer with the task of cooperating with the EDPS and ensuring that the rights and freedoms of data subjects are not compromised through data processing.
Personal data and data processing
Under the regulation, and for the purpose for which they were collected, personal data must be:
Further processing of personal data for historical, statistical or scientific purposes is permitted if there are appropriate safeguards about anonymity.
Personal data may be processed only if it is:
Citizens’ rights
The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and of data concerning health or sex life, as well as data relating to criminal offences, is in principle prohibited, unless for the reasons expressly authorised by law.
Citizens enjoy legally enforceable rights under the regulation, such as the right to access, rectify, block or erase personal data held by EU institutions and bodies.
WHEN DOES THE REGULATION APPLY?
From 1 February 2001.
KEY TERMS
* Personal data: any information relating to an identifiable person or ‘data subject’ in terms of such attributes as physical, mental, economic, cultural or social identity.
* Processing of personal data: an operation performed on personal data, such as collection, storage, use, alteration, transmission, dissemination or erasure.
For more information see the European Data Protection Supervisor website.
REFERENCES
Act |
Entry into force |
Deadline for transposition in the Member States |
Official Journal |
Regulation (EC) No 45/2001 |
1.2.2001 |
- |
|
- |
- |
RELATED ACTS
Commission Decision 2008/597/EC of 3 June 2008 adopting implementing rules concerning the Data Protection Officer pursuant to Article 24(8) of Regulation (EC) No 45/2001 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (Official Journal L 193, 22.7.2008, pp. 7-11).
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (Official Journal L 281, 23.11.1995, pp. 31-50).
last update 12.06.2015