EUROPE: EU Commissioner Reding introduces her Eight Principles of Data Protection


On Data Protection Day, EU Commissioner Viviane Reding introduced the so-called “Data Protection Compact”, her 8 principles of Data Protection that should govern the way personal data is processed by the public and the private sector.

Principle 1: Europe must establish a robust Data Protection legal framework that can be the gold standard for the world. Otherwise others will move first and impose their standards on Europe.

Principle 2: The Data Protection legal framework should not distinguish between the private and the public sector. Citizens would simply not understand a split in times when the public sector collects, collates and sometimes even wants to sell private data.

Principle 3: Drafting data protection rules require public debate because they relate to civil liberties online. Data protection should be the subject of a public information campaign leading to joint discussions between citizens, civil liberties groups, companies and governments.

Principle 4: Blanket surveillance of electronic communications data is not acceptable. Data collection for surveillance purposes should be targeted and be limited to what is proportionate to the objectives that have been set.

Principle 5: Laws need to be clear and laws need to be kept up to date. It cannot be that States rely on outdated rules, drafted in a different technological age, to frame modern surveillance programmes. Such laws give citizens little or no idea about what is actually going on.

Principle 6: National security should be invoked sparingly. It should be the exception, rather than the rule. The need to protect national security can justify special rules. But not everything that relates to foreign relations is a matter of national security. It undermines the legitimacy of laws that are vital for our security.

Principle 7: Judicial oversight is necessary to ensure that the pendulum does not swing too far. Executive oversight is good. Parliamentary oversight is necessary. Judicial oversight is key.

Principle 8: Data Protection rules should apply irrespective of the nationality of the person concerned. Applying different standards to nationals and non-nationals makes no sense in view of the open nature of the internet.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© DLA Piper | Attorney Advertising

Written by:


DLA Piper on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.