National data protection supervisors ‘not independent enough’

Author (Person)
Series Title
Series Details 15.03.07
Publication Date 15/03/2007
Content Type

The European Commission has warned it will take legal action against member states if they do not address problems with the independence and powers given to their national data protection supervisors.

A report by the Commission has highlighted inconsistencies in the way a directive setting down data protection rights is implemented.

"Some member states have failed to incorporate a number of important provisions of the directive. In other cases, transposition or practice has not been conducted in line with the directive or has fallen outside the margin of manoeuvre," the report says.

It adds: "One concern is respect for the requirement that data protection supervisory authorities act in complete independence and are endowed with sufficient powers and resources to exercise their tasks."

The report stresses the importance of the data protection supervisors, saying that "any failure to ensure their independence and powers has a wide-ranging negative impact on the enforcement of the data protection legislation".

The report states that shortcomings have come to light after member states admitted to them or following complaints by individuals.

The Commission would not say which member states were at fault.

Tony Bunyan, editor of the online bulletin, Statewatch, criticised the report for not addressing the issue of informing individuals when their data is sent from one state or private body to another, one of the elements of the 1995 directive. A 2003 review of the directive highlighted a problem in this area, Bunyan said. "Why are they silent on this?…I live in the UK and I have never been sent any information about the transfer of my data from one government department to another," he said.

The report states that inconsistencies in the implementation of the directive do not pose any problems for how companies operate in different countries, in terms of data flow, and, there is no need to amend the directive. "The Commission considers that the data protection directive constitutes a general legal framework which fulfils its original objectives by constituting a sufficient guarantee for the functioning of the internal market while ensuring a high level of protection."

But it warns that "the Commission will continue to work with member states, and, where necessary, will launch official infringement procedures, so as to ensure a common playing field for all member states".

The European Commission has warned it will take legal action against member states if they do not address problems with the independence and powers given to their national data protection supervisors.

Source Link Link to Main Source http://www.europeanvoice.com