CONTINUEThis site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.
  1. Front Page
  2. News By Topic
  3. EU Adopts Data Protection Compliance Policy

EU Adopts Data Protection Compliance Policy

by Ulrika Lomas,, Brussels

15 December 2010

Signalling what is said to be a fundamental change of gear in the field of enforcement, the European Data Protection Supervisor (EDPS) has adopted a policy paper that sets out the framework within which he will monitor, measure and ensure data protection compliance in the European Union (EU).

The EDPS points out that the policy seeks to encourage voluntary compliance and best practice and create sufficient incentives for compliance by emphasizing where the responsibility for compliance lies; explaining how the EDPS will support this compliance; and explaining what the EDPS will do in the case of non-compliance.

Peter Hustinx, the EDPS, said: "Holding EU institutions accountable for ensuring compliance with data protection obligations, and for demonstrating such compliance, is a crucial first step in fostering data protection in practice. However, this must be backed up by a framework for dealing with those institutions and bodies that continue to fail to meet the required standards and demonstrate poor compliance records."

Its paper places a strong emphasis on the principle of ‘accountability’ to encourage compliance and the adoption of best practice in EU administration. Accountability requires EU institutions and bodies to put in place appropriate and effective measures to ensure compliance with data protection obligations and to demonstrate this to the EDPS. The EDPS will then focus on his responsibilities for monitoring and where necessary ensuring compliance.

The EDPS adds that, to date, he has adopted an approach which prefers to make recommendations and encourage compliance rather than warn or admonish or make legally binding orders. However, following five years of such activity, the EDPS believes that the time has come to take a more robust approach to enforcement, particularly in cases of serious, deliberate or repeated non-compliance with data protection principles. The policy therefore introduces a set of criteria which will ensure a proactive, as well as consistent and transparent, application of his enforcement powers.

Within his policy paper, the EDPS also emphasizes that transparency and publicity are an important tool both for stakeholders and in terms of good governance. In relation to his enforcement activities, the EDPS will normally publish information regarding any official referrals he makes. He will also consider, on a case-by-case basis, whether it is appropriate to make public any of the other enforcement actions pursued.

TAGS: compliance | business | commerce | law | enforcement | internet | e-commerce | standards | regulation | European Union (EU) | Europe

To see today's news, click here.


Tax-News Reviews

Cyprus Review

A review and forecast of Cyprus's international business, legal and investment climate.

Visit Cyprus Review »

Malta Review

A review and forecast of Malta's international business, legal and investment climate.

Visit Malta Review »

Jersey Review

A review and forecast of Jersey's international business, legal and investment climate.

Visit Jersey Review »

Budget Review

A review of the latest budget news and government financial statements from around the world.

Visit Budget Review »

Stay Updated

Please enter your email address to join the mailing list. View previous newsletters.

By subscribing to our newsletter service, you agree to our Terms and Conditions and Privacy Policy.

To manage your mailing list preferences, please click here »