Original URL: http://www.theregister.co.uk/2007/05/03/misdirected_privacy_complaints/

80% of complaints to EU privacy watchdog are misdirected

Should have gone to national bodies instead

By OUT-LAW.COM

Posted in Policy, 3rd May 2007 10:25 GMT

The number of complaints to the European Data Protection Supervisor (EDPS) almost doubled in 2006, but only 20 per cent were valid complaints for the privacy watchdog of the EU institutions, its annual report has said.

The number of complaints remained small, rising from 27 in 2005 to 52 in 2006. All but 10 of the complaints should have been directed to national data protection authorities and not the European Supervisor. In 2005 all but five of the complaints were similarly misdirected.

The EDPS is still a new body, having only been formed in 2004. It increased in size last year from having 19 staff to having 24, and its budget increased from €3m to €4m.

"A large majority of the complaints received continued to fall outside of the supervisory competences of the EDPS, for instance because they dealt exclusively with processing of personal data on the level of the member states, where national Data Protection Authorities are competent," said the report.

The report revealed that the body is conducting an audit of Eurodac, the database of fingerprints of illegal immigrants and applicants for asylum. The in-depth security audit is due to report by the middle of this year, the EDPS said.

The report acknowledged that the EDPS still has not managed to make data protection an automatic part of working life for EU bodies. "[One challenge] is the implementation of data protection rules and principles in the whole EU administration and to develop a data protection culture as part of good governance," said the report.

It also said that it would have to do further work to ensure that data protection forms an integral part of policies and laws in Europe. "The second challenge is to accomplish an integration of data protection principles in Community legislation, and to improve the quality of EU policies, whenever effective data protection is a basic condition for their success," said the report. "It is clear that this also involves successfully integrating privacy perspectives in some areas – such as public security and law enforcement policies – that sometimes seem to be at a different course."

The EDPS said that it issued twice the number of opinions in 2006 that it did in 2005. The office publishes opinions on data protection and privacy issues that arise, which often include direct criticisms of EU bodies and policies.

The most recent opinion was published earlier this week, and was a warning about a proposed framework for data sharing between European police forces. The EDPS said that he had "grave concern" about the plan. It is a "lowest common denominator approach that would hinder the fundamental rights of EU citizens", his opinion said.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.