IT governance and IT management
Guidelines on the protection of personal data in IT governance and IT management of EU institutions.
Following many years of intense political debate on data protection in the European Union, the General Data Protection Regulation (GDPR) will finally become law across the EU in May 2018 and is designed to be the cornerstone of data protection in Europe. It sets out directly applicable rules on the rights of data subjects, the duties of those organisations that demand the processing of personal data and those that do the processing (data controllers and processors), international data transfers and the powers of supervisory authorities.
Guidelines on the protection of personal data in IT governance and IT management of EU institutions.
The GDPR is an outstanding achievement for the EU, its legislators and stakeholders, but the EU's work to ensure that data protection goes digital is far from finished. The majority of the world population now has access to the internet, while tech giants now represent the six highest valued companies in the world. With this in mind, in 2017 the EDPS issued advice to the legislator on the new ePrivacy Regulation, as well as pursuing his own initiatives relating to the Digital Clearinghouse and Digital Ethics, the latter of which will be the main topic of discussion at the 2018 International Conference of Data Protection and Privacy Commissioners, co-hosted by the EDPS.
Finalising and implementing a revised version of the current legislation governing data protection in the EU institutions and bodies as soon as possible is also a priority, if the EU is to remain a credible and effective leader in the protection of individuals' rights. The EDPS intends to exercise the powers granted to him in the revised Regulation efficiently and responsibly, in order to ensure that the EU's institutions and bodies set an example for the rest of the EU to follow. For this reason, the EDPS has invested a lot of effort in preparing the EU institutions for the new rules and will continue to do so throughout 2018.
In 2017, the EDPS also contributed to ongoing discussions on the Privacy Shield and on the free flow of data in trade agreements, which will remain on the EU and EDPS agenda throughout 2018. With the fight against terrorism still a pressing concern for the EU, the EDPS continues to advocate the need to find a balance between security and privacy in the processing of personal data by law enforcement authorities. As the new data protection supervisor for Europol, the EU’s police authority, he is determined to ensure that the EU sets an example in achieving this balance.
The EDPS-Civil society summit is an annual meeting between EDPS and civil society organisations organized to discuss the state of data protection and privacy in the EU.
The 2018 edition will focus on two main issues:
The summit is a part of the Privacy Camp 2018.
You can follow the event on our Twitter account and participate in the online conversation using the hashtags #EDPSCivSoc2016 and #PrivacyCamp
On 30 November 2017, the EDPS Supervision & Enforcement Unit has provided a training on the new Regulation to managers/heads of Units/sectors at the EUSA, in Brussels.
Link to video presentation.
Password to access the video: EDPS-301117
Please note: Internet Explorer may not work correctly, we recommend using a different web browser.
8th Annual Data Protection and Privacy Conference, Speech by Giovanni Buttarelli, Brussels, Belgium