In common with all other European institutions, the EDPS is subject to specific legal obligations concerning the protection of personal data. These obligations are laid down in the Data Protection Regulation (Regulation (EC) No 45/2001).
Apart from specifying the legal principles governing the processing of personal data by the EU administration, the Regulation provides that each European institution or body must appoint at least one person as a Data Protection Officer ("DPO").
The main task of the DPO is to ensure, in an independent manner, the internal application of the provisions of the Regulation in his/her institution. The DPO is also required to keep a register of all of the processing operations involving personal data carried out by the institution. The Register, which must contain information explaining the purpose and conditions of the processing operations, should be accessible to any interested person.
The role of DPO at the EDPS presents many challenges: being independent within an independent institution, meeting the high expectations of colleagues who are particularly aware and sensitive about data protection issues, and delivering solutions that can serve as benchmarks for other institutions. The implementing rules reflect these specificities, while taking into account both the EDPS Position paper and the DPOs Network's Paper on Professional Standards for Data Protection Officers.
Data Protection Officer
Accountability needs technology! - read the latest blogpost by Wojciech Wiewiórowski.
The EDPS, in collaboration with European consumer organisation BEUC, is hosting a joint conference on Big Data: individual rights and smart enforcement. The conference will take place in Brussels on 29 September 2016. For more information on the conference and how to register, visit the EDPS Events page.
Our IT services are undergoing scheduled maintenance from 12 to 15 August. Please note that, for technical reasons, we cannot guarantee that the complaints and annexed files submitted during this period will reach us - despite a possible acknowledgement of receipt. Should you not receive any acknowledgement of receipt within 10 working days from submitting your complaint, please do let us know.
Giovanni Buttarelli pays an accountability visit to the European Court of Justice, Luxembourg
Speech by Giovanni Buttarelli at the Seminar organised by the International Association of Lawyers on Data Protection in Financial Technology, Insurance and Medical Services: A new regulation and perspectives, Luxembourg
EDPS-BEUC Conference on Big Data: individual rights and smart enforcement, Speech by Giovanni Buttarelli, Brussels, Belgium
Giovanni Buttarelli and Wojciech Wiewiórowski meeting Michael O'Flaherty, the Director of the EU Agency for Fundamental Rights Agency, Brussels, Belgium
Giovanni Buttarelli meeting Thomas Lösse-Mueller, Head Chancellery Schleswig Holstein, Brussels, Belgium
107th Plenary meeting of the Article 29 Working Party, Participation of Giovanni Buttarelli and Wojciech Wiewiórowski, Brussels, Belgium
Giovanni Buttarelli meeting Shadow Rapporteurs on smart borders proposals, European Parliament, Brussels, Belgium
Seminar on data protection at University of Bologna, Speech by Giovanni Buttarelli, Bologna, Italy