In common with all other European institutions, the EDPS is subject to specific legal obligations concerning the protection of personal data. These obligations are laid down in the Data Protection Regulation (Regulation (EC) No 45/2001).
Apart from specifying the legal principles governing the processing of personal data by the EU administration, the Regulation provides that each European institution or body must appoint at least one person as a Data Protection Officer ("DPO").
The main task of the DPO is to ensure, in an independent manner, the internal application of the provisions of the Regulation in his/her institution. The DPO is also required to keep a register of all of the processing operations involving personal data carried out by the institution. The Register, which must contain information explaining the purpose and conditions of the processing operations, should be accessible to any interested person.
The role of DPO at the EDPS presents many challenges: being independent within an independent institution, meeting the high expectations of colleagues who are particularly aware and sensitive about data protection issues, and delivering solutions that can serve as benchmarks for other institutions. The implementing rules reflect these specificities, while taking into account both the EDPS Position paper and the DPOs Network's Paper on Professional Standards for Data Protection Officers.
Data Protection Officer
GDPR requires DPOs: EU institutions leading by example. Read the latest blogpost by Wojciech Wiewiórowski.
Counterterrorism and Data Privacy: A European Perspective. Read the speech by Giovanni Buttarelli given at to the symposium on Governing Intelligence: Transnational Approaches to Oversight and Security, hosted by the Center on Law and Security and the Woodrow Wilson International Center for Scholars.
Ethics at the Root of Privacy and as the Future of Data Protection. Read the address by Giovanni Buttarelli given at event hosted by Berkman Center for Internet and Society at Harvard University and the MIT Internet Policy Initiative and the MIT Media Lab.
On 16 June 2016 the EDPS will meet the civil society organisations to discuss the state of data protection and privacy in the EU. Read more and sign up here!
Privacy: The Competitive Advantage, Speech by Wojciech Wiewiórowski, London, UK
Conference on General Data Protection Regulation, Speech by Giovanni Buttarelli (via video), Copenhagen, Denmark
39th DPO meeting hosted by Eurofound, Introductory speech by Wojciech Wiewiórowski, Dublin, Ireland
European Data Protection Days, Keynote by Giovanni Buttarelli on Enduring values and sustainable solutions: The GDPR as a catalyst for individual digital rights across the globe and participation in a discussion on Chances, challenges and the latest developments in international data protection, Berlin, Germany
Intelligence Oversight Conference, New York University School of Law, Speech by Giovanni Buttarelli, New York, USA
Giovanni Buttarelli visits the Congress, Washington, D.C., USA
10th Annual Digital Regulation Forum, Policies for the Digital Single Market; an Evolution or a Revolution?, Interactive Panel Discussion: How does the emergence of online platforms affect the Digital Single Market?, Speech by Wojciech Wiewiórowski, London, UK
Annual Congress of Italian DPOs (ASSO), Speech by Giovanni Buttarelli (via video), Milan, Italy