Access to European Union law
<a href="https://eur-lex.europa.eu/content/help/eurlex-content/experimental-features.html" target="_blank">More about the experimental features corner</a>
Choose the experimental features you want to try
EUR-Lex
Access to European Union law

This document is an excerpt from the EUR-Lex website

You are here
Use quotation marks to search for an "exact phrase". Append an asterisk (*) to a search term to find variations of it (transp*, 32019R*). Use a question mark (?) instead of a single character in your search term to find variations of it (ca?e finds case, cane, care).
Search tips
Need more search options? Use the Advanced search

Document 52023XX0217(02)

    Summary of the Opinion of the European Data Protection Supervisor on the proposal for a Regulation on data collection and sharing relating to short-term accommodation rental services and amending Regulation (EU) 2018/1724 2023/C 60/11 (The full text of this Opinion can be found in English, French and German on the EDPS website https://edps.europa.eu)

    OJ C 60, 17.2.2023, p. 14–16 (BG, ES, CS, DA, DE, ET, EL, EN, FR, GA, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)

    17.2.2023   

    EN

    Official Journal of the European Union

    C 60/14

    Summary of the Opinion of the European Data Protection Supervisor on the proposal for a Regulation on data collection and sharing relating to short-term accommodation rental services and amending Regulation (EU) 2018/1724

    (2023/C 60/11)

    (The full text of this Opinion can be found in English, French and German on the EDPS website https://edps.europa.eu)

    On 7 November 2022, the European Commission issued a proposal for a Regulation of the European Parliament and of the Council on data collection and sharing relating to short-term accommodation rental services and amending Regulation (EU) 2018/1724 (1).

    The proposal aims to harmonise registration schemes and other transparency requirements for short-term rental (STR) services, as well as to enable, via the processing of data relating to STRs, the definition of appropriate policy responses when addressing issues such as affordable housing or the protection of the urban environment. The EDPS recalls in this regard, insofar as the processing concerns personal data, the need to comply with the principles of necessity and proportionality.

    The proposal establishes rules on registration of providers of STRs (hosts); lists the information that hosts must provide in order to receive a registration number; lays down the obligation for competent authorities to verify the information submitted by hosts, request additional information and suspend the validity of the registration number. It also provides rules on the obligation by online short-term rental platforms to ensure the validity of registrations by hosts.

    Furthermore, the proposal sets out the condition according to which competent authorities will receive from online short-term rental platforms specific information about hosts’ activities through the Single Digital Entry Point (SDEP). The proposal also specifies which authorities can access the data collected and shared by online short-term rental platforms.

    By this Opinion, the EDPS recommends amending Article 2 to make clear in the enacting terms of the proposal that the latter excludes the use of personal data processed pursuant to the proposal for law enforcement or for taxation and customs purposes.

    According to the proposal online short-term rental platforms should not be required to report personal data related to guests. Indeed, ‘Activity data’, as defined under Article 3(11), to be transmitted by short-term rental platform to competent authorities, only refer to ‘the number of nights for which a unit is rented and the number of guests that stayed in the unit per night’. The EDPS considers that this is a key element of the proposal having regard to the need to ensure that the processing of personal data is limited to what is necessary and proportionate.

    The EDPS also recommends specifying the categories of personal data to be submitted by hosts to the competent authorities of the Member States according to Article 5(3), and to clarify the wording referring to the maximum period during which personal data will be stored.

    Concerning the verification by competent authorities and by online short-term rental platforms of the information submitted by hosts, the EDPS welcomes the information to be provided to hosts on the outcome of this verification, enabling the host to challenge or correct such information.

    The EDPS also recommends specifying whether the SDEP would store personal data.

    Lastly, the EDPS recommends specifying in Article 12(4) that this provisions refers to the aggregation of non-personal data

    1.   INTRODUCTION

    1.

    		 On 7 November 2022, the European Commission issued a proposal for a Regulation of the European Parliament and of the Council on data collection and sharing relating to short-term accommodation rental services and amending Regulation (EU) 2018/1724 (‘the proposal’).

    2.

    		 The objective of the proposal is to harmonise and improve the framework for data collection and data sharing on short-term accommodation rentals (‘STRs’) across the European Union, and enhance transparency in the STR sector (2).

    3.

    		 More specifically, the proposal aims at establishing:

    (i)

    a harmonised approach to registration schemes for hosts, with an obligation on public authorities to maintain such schemes to obtain data for policy making and enforcement purposes (3);

    (ii)

    an obligation on online platforms to enable the hosts to display registration numbers (which will ensure compliance with registration requirements by hosts) and to share specific activity data about hosts and their listings with public authorities;

    (iii)

    specific tools and procedures to ensure that data sharing is safe, GDPR-compliant and cost-effective, for all players involved (4).

    4.

    		 The present Opinion of the EDPS is issued in response to a consultation by the European Commission of 7 November 2022, pursuant to Article 42(1) of the EUDPR (5). The EDPS welcomes the reference to this consultation in recital 38 of the proposal. In this regard, the EDPS also positively notes that he was already previously informally consulted pursuant to recital 60 of the EUDPR.

    4.   CONCLUSIONS

    23.

    		 In light of the above, the EDPS makes the following recommendations:

    (1)

    to amend Article 2 to make clear in the enacting terms of the proposal that the latter excludes the use of personal data processed pursuant to the proposal for law enforcement or for taxation and customs purposes;

    (2)

    to delete the last sentence of recital 37;

    (3)

    to specify the categories of personal data that may be further required by the competent authorities of the Member States according to Article 5(3);

    (4)

    to clarify the wording referring to the storage limitation period in Article 5(5);

    (5)

    to consider the possible amendment of the first sentence of Article 10(4) in the light of the fact that SDEP might indeed store personal data;

    (6)

    to specify in Article 12(4) that this provisions refers to the aggregation of non-personal data.

    Brussels, 16 December 2022.

    Wojciech Rafał WIEWIÓROWSKI

    (1)  COM(2022) 571 final.

    (2)  See Explanatory Report, p 1.

    (3)  It also has to be noted that the proposal, under Article 17, amends Regulation (EU) 2018/1724 of the European Parliament and of the Council of 2 October 2018 establishing a single digital gateway to provide access to information, to procedures and to assistance and problem-solving services and amending Regulation (EU) No 1024/2012 (OJ L 295, 21.11.2018, p. 1). As specified under recital 32, the proposal includes the procedures concerning the registration by hosts in Annex II of Regulation (EU) 2018/1724, which established the single digital gateway, providing for general rules for the online provision of information, procedures and assistance services relevant for the functioning of the internal market.

    (4)  See Explanatory Report, p 1.

    (5)  Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).

    Top