“The adoption of this proposal would mean a considerable step forwards for the protection of personal data,” wrote Peter Hustinx, the current EDPS, in his 35-page opinion.
Hustinx's job is to monitor the processing of personal data by the Community institutions and bodies. His latest opinion examines a Council of Ministers Framework Decision that was published in October.
Existing rules for the processing of personal data are found in the 1995 Data Protection Directive. But that Directive does not apply either to the processing of personal data within the framework of police and judicial cooperation in criminal matters, or to the processing of personal data in the course of an activity which falls outside the scope of Community law, including operations concerning public security, defence, and the activities of the State in areas of criminal law.
These areas are left to Member States to deal with or, on a European level, to the Council of Ministers. So the Council of Ministers' Framework Decision attempts to harmonise Member States' approaches to the exchange of data, including fingerprints, DNA profiles and telephone numbers.
An enormous increase in the volume of personal data being circulated is expected as Member States co-operate more and more in fighting crime and terrorism. Hustinx says this adds to the need for the Framework Decision.
"The Framework Decision will be one of the three central pieces of European legislation in the field of data protection," said Hustinx. "Common standards that are applicable to all processing are very much needed and I generally support the proposal which can constitute a considerable step forward."
But he added: “Good law enforcement and good data protection reinforce each other – so it is in the interest of everyone that the proposal is even further improved before it is adopted".
Hustinx set out a number of improvements that should be made to the Framework Decision, including:
