Navigation path

Left navigation

Additional tools

Other available languages: none

European Commission

Cecilia Malmström

EU Commissioner for Home Affairs

Speech: Protecting personal data in the EU: EDPS Strategy 2013-2014

Launch of the EDPS' strategy 2013-2014

Brussels ,22 January 2013

Dear Mr Hustinx, Mr Buttarelli, Mr Docksey, dear guests,

It is a pleasure for me to be here to mark the launch of the new EDPS Strategy, together with so many friends and distinguished speakers.

I have had the privilege of working with data protection issues for a number of years - as an MEP, as Swedish Minister for European Affairs, and now as Commissioner for Home Affairs.

During that time the area has grown enormously in practical importance, in legal status and in political visibility. And the EDPS has grown with it: you have established yourself firmly, and I quote from the Strategy, as "a knowledgeable and authoritative body, providing strong leadership and data protection expertise".

That is a strong basis for the new Strategy. I personally want to welcome that Strategy for two simple reasons: First, a Strategy is clearly needed to face the growing challenges of effectively protecting personal data in the EU. Secondly, this Strategy sets a clear and in many ways very positive direction for how the EDPS can help meet those challenges.

I will just say a few words on each of those two points.

A. Why a Strategy is needed

First, on the need for a Strategy in the first place, technological developments and changes in people's behaviour lead to increasing collection, exchange and sharing of information. Personal data flow between individuals, companies, and public sector actors – often crossing borders without regard for traditional legal concepts of 'jurisdiction' or 'who regulates what'. Technologies already enable public and not least private sector actors to monitor, record and ultimately map numerous aspects of the private lives of individuals.

These developments mean that the EU needs, more than ever, a strong policy to fully protect the fundamental right to protection of privacy and protection of personal data. A policy based on clear, modern and common rules, backed up by independent and data protection supervision with a voice which is credible and respected at all levels.

B. Why this Strategy is right

And this brings me to my second point. The Strategy we are here to mark today makes a number of useful suggestions for how to meet the different challenges. In that sense, it is a very good Strategy. I promised to be brief, so will highlight just three points:

1. Being selective

The Strategy signals, for a start, that the EDPS will be more selective and focus on "initiatives in which respect for data protection is essential". The focus will be on areas where the risk of data protection being affected, or fundamental rights violated, is high. I welcome that approach, as a way to achieve what you refer to as "acting selectively and proportionately".

Selecting the 'priority areas' may in itself be a challenge. The Strategy suggests that the EDPS will invest, for example, in "assess[ing] the privacy risks of new technologies by collecting and analysing information as appropriate".

2. Promoting dialogue

Another important point, which struck me when reading the Strategy, is the emphasis on dialogue, and early involvement and participation by the EDPS in policy making.

I agree: the EDPS should be part of developing EU legislation, advising – and of course listening to – policy makers and staff at all levels. In fact, my services have already agreed to start regular meetings with the EDPS on on-going files.

This is a particularly important initiative given the "sensitive relationship" between security instruments and data protection standards.

3. Showing greater understanding of the context

This brings me to the last point that I wish to highlight: the call from stakeholders on the EDPS to show greater understanding of the contexts and constraints of the institutions and to be more flexible and pragmatic.

Here I really believe that I, and my services at the Commission, can work closer together with the EDPS in the future. We should be able to feed the EDPS more information on the context and institutional constraints of those policies and public authorities falling under my responsibility, that is mainly law enforcement.

To conclude, let me just say that - as liberal politician and as a Commissioner dealing directly with information management policies - I welcome the new EDPS Strategy, and I look very much forward to working with the EDPS to put it into practice.

Side Bar