Each EU institution, body or agency (EU institutions) has appointed a data protection officer (DPO). It is the DPO's duty to ensure in an independent manner the internal application of the data protection rules applicable to the EU institution. This also involves other tasks such as ensuring that controllers and individuals (data subjects) are informed of their rights and obligations, and cooperating with the EDPS at his request or on their own initiative. A list of data protection officers can be found on the EDPS website.
Guidelines concerning implementing rules concerning the tasks, duties and powers of the Data Protection Officer (Article 24.8)
This Report, which covers 2008 as the fourth full year of activity of the EDPS, concludes the first EDPS mandate and provides an opportunity to take stock of developments since the start.
The report shows that significant progress was achieved both in the EDPS supervisory and advisory tasks. Most Community institutions and bodies are making good progress in ensuring compliance with data protection rules, but there are still great challenges ahead. The EDPS supervision work is therefore putting more emphasis on measuring the level of compliance in practice, in particular through more systematic verifications on the spot, and on monitoring the implementation of recommendations in prior checking.
The EDPS also further improved his performance as an advisor to the European institutions and submitted opinions on an increasing number of legislative proposals. The majority of the EDPS opinions continued to concern issues related to the area of freedom, security and justice. Other subjects, such as e-privacy, public access to documents, the establishment of information systems and access to those systems, cross-border healthcare and new technologies were also quite prominent.
You can obtain a paper version of this Annual Report on EU Bookshop.
The report runs through the main features of the EDPS activities in 2007, notably with regard to his supervisory and consultative tasks.
The report highlights a considerable increase in the number of prior-checks relating to processing operations of personal data in Community institutions and bodies. The EDPS also gave further effect to his advisory role on new EU legislative proposals having an impact on data protection with the publication of 12 opinions.
2007 saw the signing of the Lisbon Treaty that provides for an enhanced protection of personal data and whose impact for data protection will be closely monitored.
You can obtain a paper version of this Annual Report on EU Bookshop.