Observatory on data protection in the EU
- the protection of personal data in
police and judicial matters
- full-text documentation on all the secret discussions in the Council -
updated 29 November 2006
Update 29 November
EU:
European Data Protection Supervisor (EDPS) issues a 2nd, critical, Opinion on
the Council's draft proposal on data protection on police and judicial issues: Full-text of opinion (pdf)
"The
texts currently being discussed within the Council do not incorporate the
amendments proposed by the European Parliament, nor the opinions of the EDPS
and of the Conference of European Data Protection Authorities. On the contrary,
in quite a few cases provisions in the Commission proposal, offering safeguards
to the citizens, are deleted or substantially weakened.
As
a result, there is a substantial risk that the level of protection will be
lower than the level of protection afforded under Directive 95/46/EC or even
under the more generally formulated Council of Europe Convention No 108 which
is binding on the Member States"
(emphasis in original)
Introduction
The EU is currently discussing a draft Framework Decision on the
protection of personal data processed in the framework of police and judicial
cooperation in criminal matters.
The European Commission produced a draft proposal on 4 October 2005. The
European Parliament finally adopted its report on 27 September - a
"partial vote" in July voted through all 60 amendments agreed by the
Committee on Civil Liberties (LIBE). On this issue the parliament is only
"consulted" - which means that its views can be disregarded by the
Council of the European Union (the 25 EU governments).
The Council has taken months looking at the Commission proposal and have
changed it substantially in favour of "self-regulation" by the
agencies and removing the rights of data subjects to information held on them
and the possibility to correct it.
The proposal is being discussed in the Council by the Multidisciplinary Group
on Organised Crime (MDG) whose primary interest is to ensure the greatest
possible powers to exchange any and all data between all agencies - at the
national, European and international levels - with the fewest possible obstacles
created by data protection rights.
Lord Avebury (UK House of Lords Select Committee on the EU) will put it
to the European Parliament on 3 October 2006 in the following terms, the MDG's:
"primary interest is to make life difficult for criminals, not to have
regard to the interests of data subjects" [The full-text of Lord Avebury's speech to the EP on
data protection and the principle of availability (pdf)]
Peter Hustinx, the European Data Protection Supervisor, expressed
similar concerns to the UK House of Lords Select Committee on the EU inquiry
(Behind Closed Doors, see below), discussions he said were progressing very
slowly, partly because: "national delegations tend to come from law
enforcement areas which, up to now, largely prefer to ignore data protection”.
The legitimacy of the decision-making process is also of concern on such
an important issue. The European Parliament only has powers of
"consultation" nevertheless it adopted a report with 60 amendments to
strengthen the Commission's proposal - a final vote was delayed from July until
September in the hope that the incoming Finnish Council Presidency would be
"willing to take into account Parliament's demands", there is little
evidence that it has done so. If the final version agreed within the Council is
substantially different from that put forward by the Commission the parliament
can insist that it is consulted again - unless it does there will be no time at
all for a debate in parliaments and outside.
Tony Bunyan, Statewatch editor, comments:
"This is going to be a momentous decision affecting existing
national laws on data protection, and the exchange of data within the EU and
around the globe. It is also going to the the foundation of the right of data
protection in a host of planned and future EU measures, including the new
Schengen Information System (SIS II).
The Commission draft proposal is being substantially re-written by the
Council's Multidisciplinary Group on Organised Crime including removing the
rights of data subjects and obstacles to the passing of data to third countries
outside the EU.
Until the Council finishes its so-called "second reading" the
final text will not been known - when they are intending to simply
"nod" it through. If it does so without the opportunity for national
and European parliaments and civil society to express their views it will
utterly lack legitimacy"
Key
documents (latest first)
Council
of the European Union
- 15431/1/06 Questions
on scope to the Council, dated 22 November 2006
- 13246/5/06 Draft as at 22
November 2006 - still with reservations by member states and with a number of
outstanding questions within the Council (see 15431/06 below)
- 13246/4/06
Draft as at 17 November 2006 - with a number of outstanding questions within
the Council (see 15431/06 below)
- 15431/06
Questions on scope to the Council, dated 17 November 2006
- 13246/3/06
Draft as at 13 November 2006
- 13918/1/06, dated 31 October 2006.
Question of scope being put to COREPER - domestic law as well as cross-border
exchanges?
- 13246/2/06, dated 25 October 2006: Full draft. Contains revisions by the Presidency and puts substantial
issues to the Articles 36 Committee meeting on 10 November.
- 13918/06, dated 13 October 2006: Question on scope: Note to Article 36 Committee on the draft Framework
Decision should cover only exchanges between member states (international) or
domestic (national) processing as well. Six member states "have expressed
doubts" as the measure covering domestic processing - Switzerland, Czech
Republic, Denmark, Ireland, Sweden and UK.
- 13958/06, dated 16 October 2006: List provided by the General Secretariat of the Council on data
protection provisions in other third pillar instruments. It does not cover the
Schengen agreement whose provisions are stricter than the draft proposal. Most
importantly, provisions in all other measures and proposals which refer to the
Council of Europe Convention 1981 and Recommendation (87) 15 on the use of
personal data in the police sector would automatically be replaced by the
new DPFD (see Recital 25) - which, on the evidence of the current Council draft, will set far lower
standards for those member states who sought to implement CoE standards.
- 13246/1/06 REV1, 9 October 2006. It will be seen in the introduction (p2, pt 4) that the draft "departs
from the point of view that the FD will also be applicable to domestic data
processing"
- 13246/06, dated 27 September 2006. Full-text of the Council's current draft. First six
pages set out issues for the Multidisciplinary Group on Organised Crime to
discuss as the Council starts its "second reading"
- 12294/06, dated 19 September 2006 - "Issues paper"
- 12432/06 - Questions on scope, 6 September 2006
- 11547/3/06 Full-text of the Council's draft at 13 September 2006
"At
the meetings of the MDG - Mixed Committee of 8 February, 9 and 31 March, 25
April and 19 May 2006 the first two chapters were discussed in-depth. At the
meetings of 20 June, 7 and 25 July 2006, Chapter III was discussed. At the
meeting of 4 September 2006, Chapters IV and V were discussed. Delegations are
invited to discuss of Chapters VI, VII and VIII."
- 11547/2/06 Full-text of the Council's draft at 24 August
2006
- 11547/06 Full-text of the Council's draft at 13 July 2006
- 8175/2/06 - Information on state of play of discussions, 25
April 2006
- 8175/1/06 - Information on state of play of discussions, 24
April 2006
- 8175/06 Scope: application to processing of data in a purely
domestic context, 6 April 2006
- 6450/5/06 Full-text of the Council's draft at 23 June 2006
- 6450/4/06 Full-text of the Council's draft at 7 July 2006
- 6450/3/06 Full-text of the Council's draft at 11 May 2006
"At the meetings of the MDG - Mixed Committee of 8 February, 9 and
31 March, 25 April and 19 May 2006 the first two chapters were discussed
in-depth. Further to those discussions the Presidency has amended the text of
the relevant provisions of Chapter II, which has a pivotal position in
the draft Framework Decision." (emphasis added)
- 6450/2/06 Full-text of the Council's draft at 19 April 2006
- 6450/1/06 Full-text of the Council's draft at 23 March 2006
- 6450/06 Full-text of the Council's draft at 28 February 2006
- 5485/06 Discussion of issues, 23 January 2006
- 5193/06 Changes to the preamble ("Recitals"), 11
January 2006
- 15554/05 Discussion of issues: 21 December 2005
- 14326/05 Discussion of issues: 15 November 2005
The final report issued by the Council's Information Systems and Data
Protection Working Party in April 2001 (it met between 1998-2001) - the Working
Party was formally abolished in 2002:
- Draft Resolution on the personal
data protection rules in instruments under the third pillar of the European
Union (6316/2/01)
European Parliament
1. Report formally adopted on 27
September 2007
European Commission
European Data
Protection Supervisor
Opinion of European
data protection authorities
1. Conference of European Data
Protection Authorities, Brussels, 24 January 2006
3. Declaration by the European Data
Protection Authorities, 2 November 2006
National parliaments
UK:
House of Commons: The Select Committee on European Scrutiny has so far
discussed the measure on three occasions: 27 July 2006 (link), 11 January 2006 (link) and 16 November 2005 (link)
UK:
House of Lords: Select Committee on the European Union: Its report "Behind
Closed Doors" covers the proposed Framework Decision and includes evidence
from the European Data Protection Supervisor: Behind Closed Doors (pdf)
Civil society reactions
1.
Statewatch analysis: EU data protection in police and judicial
cooperation matters: Rights of suspects and defendants under attack by law
enforcement demands (October 2006)
1995 Directive on
data protection
1. Directive 95/46/ECon the protection
and processing of personal data
("first pillar", including immigration)
2. First, and only report, produced by the Commission on the implementaion of
95/46/EC, 15.5.03.
2a. Extract from above report on the
major shortcomings of resources and compliance
3. Technical annexe to Commission
report on implementation
above
4. Letter from the USA to the EU Article 29
working party on data protection concerning the implementation report, xx August 2002
5. EU policy “putsch”: Data protection
handed to the DG for “law, order and security”
Statewatch News online | Join Statewatch news e-mail list | Free sample issue of Statewatch bulletin