Accept Refuse

EUR-Lex Access to European Union law

This document is an excerpt from the EUR-Lex website

Document 52013XX1207(05)

Executive summary of the Opinion of the European Data Protection Supervisor on the Commission Proposal for a Regulation on occurrence reporting in civil aviation and repealing Directive 2003/42/EC, Commission Regulation (EC) No 1321/2007, Commission Regulation (EC) No 1330/2007 and Article 19 of Regulation (EU) No 996/2010

OJ C 358, 7.12.2013, p. 19–21 (BG, ES, CS, DA, DE, ET, EL, EN, FR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
OJ C 358, 7.12.2013, p. 14–14 (HR)

In force

7.12.2013   

EN

Official Journal of the European Union

C 358/19


Executive summary of the Opinion of the European Data Protection Supervisor on the Commission Proposal for a Regulation on occurrence reporting in civil aviation and repealing Directive 2003/42/EC, Commission Regulation (EC) No 1321/2007, Commission Regulation (EC) No 1330/2007 and Article 19 of Regulation (EU) No 996/2010

(The full text of this Opinion can be found in English, French and German on the EDPS website http://www.edps.europa.eu)

2013/C 358/11

1.   Introduction

1.1.   Consultation of the EDPS

1.

On 18 December 2012, the Commission adopted a Proposal for a Regulation on occurrence reporting in civil aviation and repealing Directive 2003/42/EC, Commission Regulation (EC) No 1321/2007, Commission Regulation (EC) No 1330/2007 and Article 19 of Regulation (EU) No 996/2010 (‘the Proposal’) (1). This Proposal was sent to the EDPS for consultation on 8 January 2013.

2.

The EDPS welcomes the fact that he is consulted by the Commission and that a reference to this Opinion is included in the Preamble of the Proposal. Before the adoption of the Proposal, the EDPS was given the opportunity to provide informal comments to the Commission.

1.2.   Objectives and scope of the Proposal

3.

The three instruments to be repealed by the Proposal organise occurence reporting in the following way: Directive 2003/42/EC (2) requires each Member State to set up a mandatory occurrence reporting system (hereinafter ‘MORS’). Under this legislation, aviation professionals are obliged to report occurrences (3) in their daily operational work through the system established by their organisation (4). In addition, Member States are requested to collect, store, protect and disseminate among themselves information on occurrences. Two implementing rules complete this legislation: Commission Regulation (EC) No 1321/2007 (5), which establishes a European Central Repository (ECR) regrouping all civil aviation occurrences collected by Member States, and Commission Regulation (EC) No 1330/2007 (6), which lays down rules regarding the dissemination of the information contained in the ECR.

4.

The Proposal builds on Directive 2003/42/EC to improve the existing occurrence reporting systems in civil aviation both at national and European level. Amongst other changes, it proposes the following:

ensuring that all relevant occurrences are reported and that the data reported and stored are complete and of high quality,

adding a voluntary reporting system to the mandatory system,

requiring not only Member States but also organisations to report occurrences and to organise the transmission of these reports to the ECR,

encouraging the reporting through a harmonised protection from hierarchical punishment or prosecution of individuals reporting occurrences,

ensuring adequate access to information contained in the ECR.

1.3.   Aim of the EDPS Opinion

5.

It follows from the Proposal that occurrences will be reported by employees to their organisations, who will then store them in a database and report them to national designated competent authorities or to the European Aviation Safety Agency (EASA). These authorities, together with EASA and the Commission, will transfer information on civil aviation occurrences to the ECR, managed by the Commission. In addition, the Commission will process data relating to interested parties requesting access to the information stored in the ECR.

6.

The EDPS acknowledges the fact that the purpose of the Proposal is not to regulate the processing of personal data. However, the information that will be stored, reported and transferred may relate to natural persons who are either directly or indirectly identifiable, such as reporters, third parties involved in the reported occurrence and interested parties applying for access (7). The reported information might not only involve technical problems but also, for instance, violent passengers, crew incapacitation or health incidents (8).

7.

Therefore, the present Opinion will analyse the elements of the Proposal which concern the processing of personal data. It builds on a previous EDPS Opinion (9) on one of the Regulations which are being repealed by the Proposal (10).

4.   Conclusions

46.

The EDPS welcomes the attention paid to the protection of personal data, particularly through the engagement taken to ‘disidentify’ a major part of the data processed under occurrence reporting. However, he reminds that the data processed will still be personal data and thus welcomes the references to the applicability of EU data protection legislation. What is provided for amounts at best to partial anonymisation.

47.

The EDPS recommends clarifying the scope of ‘disidentification’. In particular, he proposes the following improvements to the text:

in the Preamble, clarifying that disidentification in the sense of the Proposal is relative and does not correspond to full anonymisation. In addition, in line with the above recommendations, the Preamble should also explain that disidentification and full anonymisation measures are to be applied in different contexts,

in Article 16: specifying that data available to independent handlers should also be disidentified or deleted as soon as possible, unless the necessity of storing the data is justified, e.g., to comply with other legal obligations of the organisations,

in order to clarify the scope of disidentification, the EDPS recommends replacing in Articles 16(1) and 16(2) ‘personal data’ by ‘personal details’ and adding a reference to the possibility of identification through technical details, in accordance with Article 2(1),

Article 5(6) allows Member States and organisations to establish additional reporting systems. It should be specified that this information should also be disidentified. The EDPS therefore recommends clarifying in Article 16(2) that personal data contained in the safety information collection and processing systems established in accordance with Article 5(6) should also be disidentified,

in Article 13(10): specify that the information should be anonymised (11) before its publication,

in Article 11(4): specify that information made available to interested parties listed in Annex III and not relating to their own equipment, operations or field of activity, should not only be aggregated or disidentified, as requested by Article 11(4), but fully anonymised.

48.

The EDPS advises specifying in the Proposal who will be the controller of every database. He also recommends defining in the Annexes I and II, in Article 5(6) all the categories of data to be processed and clarifying Articles 7(1) and 11(1) accordingly. If it is not possible to specify all the occurrences and data fields to be processed according to Articles 7(1), 5(3), 5(6) and 11(1), these Articles should at least mention that additional information not required by the Proposal should not contain special categories of data as defined by Article 8 of Directive 95/46/EC and Article 10 of Regulation (EC) No 45/2001 (‘sensitive data’).

49.

The EDPS also recommends specifying the periods during which data shall be stored in the databases, the rights of data subjects and the security measures to be implemented.

50.

In case of transfers to third country organisations or international organisations, these should commit to respect adequate safeguards to be provided in a binding instrument. These safeguards could be based on the data protection principles contained in the Standard Contractual Clauses for the transfers of personal data to third countries adopted by the Commission and could be added in the Annex of the Proposal.

51.

As regards the processing of data of interested parties requesting access to the ECR, the EDPS recommends specifying in the Proposal the data protection measures that will apply to the processing of data relating to third parties (e.g., for how long the data will be stored after access has been granted or denied and who has access to these data). In addition, the form contained in Annex IV should include, apart from the notice on access to information (12), a privacy notice.

52.

Finally, the necessity of processing sensitive data for any of the grounds contained in Article 8(2-4) of Directive 95/46/EC and Article 10(2-4) of Regulation (EC) No 45/2001 should be justified in the Preamble. The EDPS also recommends adopting additional safeguards as regards the processing of special categories of data, such as stricter security measures, the prohibition to disclose the related categories of data to third parties not subject to EU data protection law and the restriction of its disclosure to other interested parties. In addition, the processing of these categories of data may be subject to prior check by EU national data protection authorities and by the EDPS.

Done at Brussels, 10 April 2013.

Giovanni BUTTARELLI

Assistant European Data Protection Supervisor


(1)  COM(2012) 776 final.

(2)  Directive 2003/42/EC of the European Parliament and of the Council of 13 June 2003 on occurrence reporting in civil aviation (OJ L 167, 4.7.2003, p. 23).

(3)  Occurrences are any significant aviation safety event, including incidents, accidents and serious incidents (See Article 2(8) of the Proposal).

(4)  ‘Organisation’ is defined in the proposal as ‘any organisation providing aviation products and/or services and encompasses notably aircraft operators, approved maintenance organisations, organisations responsible for type design and/or manufacture of aircraft, air navigation service providers and certified aerodromes’ (See Article 2(9) of the Proposal).

(5)  Commission Regulation (EC) No 1321/2007 of 12 November 2007 laying down implementing rules for the integration into a central repository of information on civil aviation occurrences (OJ L 294, 13.11.2007, p. 3).

(6)  Commission Regulation (EC) No 1330/2007 of 24 September 2007 laying down implementing rules for the dissemination to interested parties of information on civil aviation occurrences (OJ L 295, 14.11.2007, p. 7).

(7)  See on personal data notably Section 3.1.

(8)  See Annex I of the Proposal ‘List of incidents to be reported under the mandatory occurrence reporting system’.

(9)  See EDPS Opinion on the proposal for a Regulation of the European Parliament and of the Council on investigation and prevention of accidents and incidents in civil aviation (OJ C 132, 21.5.2010, p. 1).

(10)  Regulation (EU) No 996/2010 of the European Parliament and of the Council of 20 October 2010 on the investigation and prevention of accidents and incidents in civil aviation and repealing Directive 94/56/EC Text with EEA relevance (OJ L 295, 12.11.2010, p. 35).

(11)  That is, making sure that individuals are not identifiable taking into account all the means likely reasonably to be used either by the controller or by any other person.

(12)  Point 7 of Annex IV.


Top