Teal blue header image

European Data Protection Supervisor publishes 2017 priorities

On 15 February 2017, the European Data Protection Supervisor (EDPS) published its priorities for providing advice in 2017

The priorities consist of a note setting out the strategic objectives for legislative consultation identified by the EDPS and an annex listing European Commission proposals that require the attention of the EDPS. The Commission proposals are arranged in a colour-coded table according to the level of their priority.

Role of the EDPS and background to 2017 priorities

The EDPS is an independent supervisory authority whose primary objective is to ensure that the people's right to data protection and privacy is respected by European institutions and bodies. It is responsible for supervising compliance with data protection and issuing consultations on policies and legislation that affect data protection and privacy in the EU. The EDPS also cooperates with other data protection authorities to promote a consistent approach to data protection throughout Europe.

Its published priorities for 2017 illustrate the EDPS's approach in the area of policy and consultation and are in line with the EDPS Strategy 2015 – 2019 and the Commission Work Programme 2017. The EDPS has confirmed that it will adjust its priorities throughout the year to be able to respond to upcoming developments, including the following areas of strategic importance:

Establishing a new legal framework for the EDPS

In view of its importance, the EDPS intends to devote resources to the revision of Regulation (EC) No 45/2001 which governs the duties and tasks of the EDPS. The EDPS wishes to ensure that the rules for data processing that are applicable to EU institutions, bodies, offices and agencies are aligned with the principles of the General Data Protection Regulation (the GDPR).

Protection of confidentiality and privacy in electronic communications

In light of the recent publication of a draft E-Privacy Regulation intended to replace the current E-Privacy Directive, the EDPS will contribute to the ongoing legislative process and review. It will set its focus, among other issues, on the need to embed the principle of confidentiality of electronic communications into EU law.

Security Union agenda and stronger borders based on respect for fundamental rights

The EDPS considers that certain security initiatives included in the Commission Work Programme 2017, such as the Security Union agenda and the Action Plan of Terrorist Financing are likely to have serious implications for the protection of privacy and personal data. The EDPS will work with EU co-legislators to construct balanced and efficient legislative proposals that "promote a mature conversation on security and privacy".

Additional planned initiatives

The European Council has recently sought the advice of the EDPS in relation to a proposal for a directive concerning contracts for the supply of digital content, and in response to this request the EDPS has issued an opinion. In addition to this initiative, the EDPS will also be involved in the following:

  • Discussions around the review of the 4th Anti-Money Laundering Directive, and in particular the data protection aspects of the beneficial ownership information;
  • Monitoring of the framework in relation to adequacy decisions on exchange of personal data with third countries;
  • Review of ongoing initiatives including negotiations and possible new trade agreements (eg. with Japan, Canada, Australia, Chile and New Zealand) to monitor their impact on privacy and data protection;
  • Consultation input in relation to rules and regulations impeding the free flow of data. This issue forms part of the Commission's Communication on Building a European Data Economy; and
  • Preparation of a toolkit intended to assist policy makers and the EU co-legislators in evaluating the necessity of measures which interfere with the fundamental right to data protection. This will be followed up with a background document on utilising the principle of proportionality in measures capable of restricting data protection and privacy rights. 

it will be interesting to see how the EDPS strategic objectives are reflected in the new legislative initiatives around data protection and privacy. With the implementation of the GDPR and the recently proposed draft of the e-Privacy Regulation, the UK will be tracking the EDPS's position on these data protection developments.  

This publication is intended for general guidance and represents our understanding of the relevant law and practice as at March 2017. Specific advice should be sought for specific cases. For more information see our terms & conditions.

Insights & events View all