Privatsphäre in den EU-Organen

The European institutions, bodies and agencies have had to react to the COVID-19 crisis not only in their policy roles, but also in their roles as employers. Changes in operations, such as moving the vast majority of staff to remote working have raised numerous questions on which EUIs consulted the EDPS. 

This document compiles the advice given on questions such as teleworking tools, staff management, health data aspects and replying to data subject access requests. 

This document builds on the experience of the past months and addresses the issues that were raised to us or encountered by us and is still relevant because telework will most likely be a big part of the ‘new normal’ for EUIs work. 

This Report, based on a survey carried out in February 2020, is on the European Institutions' use of Data Protection Impact Assessments (DPIAs), case 2020-0066

This paper presents the issues raised by the EDPS’ own-initiative investigation into European institutions’, bodies’, offices’ and agencies’ (‘EU institutions’) use of Microsoft products and services. These findings and recommendations from the investigation are likely to be of wider interest than just of the EU institutions: they may be of particular interest to all public authorities in EU/EEA Member States.

EDSB kommentiert den Entwurf der internen Regeln von Eurojust bezüglich der Einschränkung der Rechte bestimmter betroffener Personen (Artikel 25 der Verordnung (EU) 2018/1725)

Consultation from an European Institution on the relationship with its contractor for providing travel agency services. The contractor considers that it should be a separate controller; the EDPS analyses the relationship at hand, the consequences of different legal constructions, and concludes that a controller-processor relationship is the most appropriate arrangement.