In common with all other European institutions, the EDPS is subject to specific legal obligations concerning the protection of personal data. These obligations are laid down in the Data Protection Regulation (Regulation (EC) No 45/2001).
Apart from specifying the legal principles governing the processing of personal data by the EU administration, the Regulation provides that each European institution or body must appoint at least one person as a Data Protection Officer ("DPO").
The main task of the DPO is to ensure, in an independent manner, the internal application of the provisions of the Regulation in his/her institution. The DPO is also required to keep a register of all of the processing operations involving personal data carried out by the institution. The Register, which must contain information explaining the purpose and conditions of the processing operations, should be accessible to any interested person.
The role of DPO at the EDPS presents many challenges: being independent within an independent institution, meeting the high expectations of colleagues who are particularly aware and sensitive about data protection issues, and delivering solutions that can serve as benchmarks for other institutions. The implementing rules reflect these specificities, while taking into account both the EDPS Position paper and the DPOs Network's Paper on Professional Standards for Data Protection Officers.
Data Protection Officer
The EDPS’ free app, EU Data Protection, has been updated! You can now consult the texts of General Data Protection Regulation (REG) 2016/679 and the Directive 2016/680 for the police and criminal justice sector alongside the texts they replace.
Our latest newsletter is online now.
Re-focusing on the human dimension of data protection - read the latest blogpost by Wojciech Wiewiórowski.
Fablab on GDPR, Participation of Wojciech Wiewiórowski and Giovanni Buttarelli, Brussels, Belgium
Extraordinary Plenary Session of the Article 29 Working Party, Participation of Giovanni Buttarelli, Brussels, Belgium
45th Asia Pacific Privacy Authorities Forum, Participation and speeches of Giovanni Buttarelli on Update on EU GDPR and Calibrating Privacy Principles to a Big Data and Digital Society, Singapore
Launch of EU Data Protection Whitepaper, British Chamber of Commerce in Denmark, Keynote speech by Giovanni Buttarelli, Brussels, Belgium
Marketing and profiling in the European Union, participation and speeches by Giovanni Buttarelli and Wojciech Wiewiórowski, Brussels, Belgium
Privacy Laws & Business Annual International Conference, Wojciech Wiewiórowski in panels on Privacy terms and conditions and How data protection rules should be enforced in tandem with competition and consumer policy, Cambridge, UK
Confindustria Radio Televisioni General Assembly 2016, Giovanni Buttarelli in a panel on Authority, Markets and Rights, Rome, Italy
Reframing Data Transparency, Wojciech Wiewiórowski in a Roundtable Discussion organised by the Centre for Information Policy Leadership and Telefónica, London, UK