Data Protection and Justice and Home Affairs


1 Data Protection and Justice and Home Affairs
The United States - Member States counterterrorism cooperation and the European data protection standards
Prof. Paul De Hert, LSTS - VRIJE UNIVERSITEIT BRUSSEL
January 14, 2019

2 1. CoE data protection law
- Article 8 ECHR
- Convention No. 108 and its Additional Protocol
- Recommendation No. R (87) 15 Regulating the Use of Personal Data in the Police Sector

3 1. Article 8 ECHR
1. Everyone has the right to respect for his private and family life, his home and his correspondence.
2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.
The ECHR does not explicitly mention the protection of personal data. However, the ECtHR case law recognises that the right to data protection is encompassed in Art. 8 ECHR: Z v. Finland, M.S. v. Sweden (1987): “The protection of personal data is of fundamental importance to a person’s enjoyment of his or her right to respect for private and family life as guaranteed by article 8 ECHR”.

4 2. Convention No. 108 and its Additional Protocol
First data protection text: Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, 1981 (“Convention 108”)
Data protection principles:
- Lawfulness
- Purpose limitation
- Proportionality
- Accurate and up to date
- Data retention
Individuals' rights and data collectors' duties: the confidentiality of sensitive data, information of the data subject, his/her right to access, rectification, etc.
Additional Protocol (2001): adds the “adequacy requirement” for transborder data flows between Contracting Parties to the Convention and third countries

5 3. Recommendation No. R (87) 15 regulating the Use of Personal Data in the Police Sector
Scope: balance between the prevention and suppression of criminal offences and the maintenance of public order (state interest) and respect for the privacy of citizens (individual interest)
Soft law - guidelines for states:
- “Each country should establish an independent supervisory body outside the police sector.”
- “The collection of personal data for police purposes should be limited to such as is necessary for the prevention of a real danger or the suppression of a specific criminal offence”.
- The processing of sensitive data by the police is allowed if the collection is "absolutely necessary for the purposes of a particular inquiry".

6 2. EU Primary Law Standards
- Pre-Lisbon: the right to the protection of personal data and its delay in the police and judicial cooperation policies
- The new Article 16 TFEU
- The inclusion of the Judicial and Police Cooperation in the TFEU

7 1. Pre-Lisbon Maastricht Treaty: pillar division structure
First pillar: European Community (EC)
- Legal basis: Art. 95 and 286 ECT
- Co-decision procedure (Parliament & Council)
- Data protection text: Directive 95/46/EC
Second pillar: Common Foreign and Security Policy (CFSP)
- No legal basis and no DP text
Third pillar: Police and Judicial Cooperation in Criminal Matters (PJCC)
- Legal basis: Art b TEU
- Intergovernmental cooperation method (EU Parliament is only consulted)
- Data protection text: Decision Framework 2008/977/JHA

8 The new Article 16 TFEU (Lisbon)
Abolition of the former pillars and entry of personal data protection into the Union’s competences: Art. 16 TFEU
“Everyone has the right to the protection of personal data concerning them. The European Parliament and the Council, acting in accordance with the ordinary legislative procedure, shall lay down the rules relating to the protection of individuals with regard to the processing of personal data by Union institutions, bodies, offices and agencies, and by the Member States when carrying out activities which fall within the scope of Union law, and the rules relating to the free movement of such data. Compliance with these rules shall be subject to the control of independent authorities.”
= The recognition of data protection as an autonomous fundamental right with full legal validity as part of primary EU law
= A unique legal basis for the former first pillar (community matters) and third pillar (police and judicial cooperation in criminal matters) → co-decision procedure

9 The inclusion of the Judicial and Police Cooperation in the TFEU
Activities of the former third pillar, the Police Cooperation and the Judicial Cooperation, pass under Title V, Area of Freedom, Security and Justice, in the TFEU:
- Article 16 TFEU applies
- Co-decision procedure (Parliament & Council)
- Full judicial review by the ECJ
- Article 218(6): the adoption of international cooperation agreements dealing with personal data protection (data sharing agreements with third States) is subject to the consent of the Parliament.

10 3. The Framework Directive 2008/977/JHA
Adoption, purpose and scope
- Adopted under 2nd pillar after 9/11 = pro-security context
- The data protection reference text for the judicial and police cooperation area in criminal matters (parallel to Dir. 95/46 for general and commercial matters)
- Applies to European and international cross-border data contexts
- Does not apply:
  - to domestic processing and domestic transfers
  - to already existing agreements between Member States or between the EU and third States
  - to law enforcement authorities (Europol, Eurojust) and exchange systems (CIS, SIS) already governed by sector-specific instruments

11 3. The Framework Directive 2008/977/JHA
The principles governing data transfers to third States and international bodies
Processing = general data protection principles (lawfulness, purpose limitation, proportionality, accurate and up to date)
+
Transfer = Article 13§1: Member States must assess the data protection legal framework of the third state and verify that it provides an adequate level of protection compared to the European data protection standards = ADEQUACY PRINCIPLE
- Adequate third state → may send data
- Not adequate third state → must adopt additional DP safeguards
- Transfer must be necessary for the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties
- The receiving authority must be a law enforcement authority
- The Member State from which the data were obtained has given its consent to transfer

12 4. The Proposal for Directive
Scope
- Applies to both purely domestic and cross-border data processing carried out in the context of police and judicial cooperation
- Applies to existing legal instruments between EU Member States → they shall be renegotiated and amended if they do not include appropriate safeguards
Transfer to third states
- The adequacy principle
- Commission may make “some adequacy determinations” = common interpretation of which third states are adequate
- A system of direct verification by independent authorities
- Effective and dissuasive sanctions

13 5. Transatlantic relations & data sharing cooperation
US-EU post 9/11: counterterrorism measures → conclusion of bilateral and multilateral data sharing agreements allowing the transfer of massive amounts of personal data about EU citizens to the US via law enforcement (Europol, Eurojust, FBI, Interpol) and intelligence agency (CIA, NSA) channels
- US-EU Mutual Legal Assistance Agreement
- US-EU Agreement on Extradition
- US-Europol
- US-Eurojust
- PNR Agreements
- SWIFT Agreement
Main criticism: in their negotiation, the EU and EU institutions failed to impose their own European data protection principles → agreements not in compliance with EU DP standards

14 6. The Visa Waiver Program (VWP) and the data sharing agreements to Prevent and Combat Serious Crime (PCSC) US-MS
VWP: allows nationals of 37 designated countries, including 23 EU Member States, to travel to the United States without a visa (only a valid Electronic System for Travel Authorization (ESTA)) for business, transit or travel purposes for up to 90 days.
- Creates economic and political benefits between the US and “VWP states”
- After 9/11 the US government decided to impose new requirements to become or remain a VWP State: amongst them, the conclusion of a Preventing and Combating Serious Crime Agreement (PCSC)

15 7. The PCSC or “Prüm-like Treaties”
Objective: “sharing agreements aiming to fight against terrorism and serious cross-border crime”
Content
- Similar to the Prüm Treaty but with fewer safeguards and with a non-EU State (not subject to the same DP legal standards)
- Vague and broad concepts (e.g. national contact point)
- Categories of sensitive data may be transferred to the other Party if relevant to the purpose of the agreement (strict necessity requirement?)
- No independent data protection supervision
→ Member States have pushed aside their own data protection standards

16 8. EU-US General Data Protection Agreement: Solution?
At the suggestion of the High Level Contact Group (which manages the discussions on privacy and personal data protection between the EU and the US in the context of the exchange of information), the EU Parliament & EU Commission include in the DP reform package a General Data Protection Transatlantic Agreement
- Umbrella agreement: a lex generalis for all future bilateral or multilateral data sharing agreements signed between the US and the EU institutions, its agencies, bodies, and Member States
- Based on 12 “common principles”
- A list of the incompatibility points has been drawn up and will serve to draft the future agreement
- EU Commission and Art 29WP support the introduction of a Retroactivity Principle → existing (multilateral and bilateral) data sharing agreements applicable in criminal matters, such as the US-EU institutions agreements and PCSC agreements, will be re-examined in the light of the new data protection standards encompassed in the general agreement.

17 Thank you

