Data Protection and Privacy Rights Sofia, 13-14 June 2019 Overview of the relevant developments in the field of data protection at EU level Plamen Angelov, Director, DPA of Bulgaria [AD/2019/04] With financial support from the Justice Programme of the European Union
14
Embed
Data Protection and Privacy Rights Sofia, 13-14 ... - ejtn.eu · Transparency Territorial scope of GDPR Automated decision-making and Profiling Derogations under Article 49 GDPR Data
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Data Protection and Privacy RightsSofia, 13-14 June 2019
Overview of the relevant developments in the field of data protection at EU level
Plamen Angelov, Director, DPA of Bulgaria[AD/2019/04]
With financial support from the Justice
Programme of the European Union
Content
2
1. EU legal framework:
1.1. GDPR
1.2. Law Enforcement Directive
1.3. EUI – GDPR
1.4. Draft legislative acts
2. Jurisprudence of ECJ
3. European Data Protection Board
4. Practice of the Bulgarian DPA
EU Legal Framework: GDPR
3
Regulation (EU) 2016/679 (General Data Protection Regulation):
❑ Complex legal nature
❑ Horizontal and overarching
❑ Application and supervision in the judicial system
❑ Scope: (1) Prevention, investigation, detection or prosecution of criminal offences or (2) the execution of criminal penalties, including (3) the safeguarding against and the prevention of threats to public security
❑ GDPR vs. LED: High level of harmonization but mutually exclusive
EU Legal Framework: EUI-GDPR
5
Regulation (EU) 2018/1725 (GDPR for EU Institutions and Bodies):
❑ Scope: Data processing by Union institutions, bodies, offices and agencies (except CSDP missions)
❑ Processing of operational personal data by Union bodies, offices and agencies - Eurojust
❑ European Data Protection Supervisor (EDPS)
EU Legal Framework: draft acts
6
❑ Proposal for Regulation on Privacy and Electronic Communications (ePrivacy Regulation)
❑ Proposal for Regulation on European production and preservation orders for electronic evidence in criminal matters (e-evidence)
ECJ Jurisprudence
7
❑ C-362/14 (Schrems): Essential guarantees in case of access by public authorities, powers of DPAs
❑ Joined cases C-293/12 and C-594/12 (Digital Rights Ireland), Joined cases C-203/15 and C-698/15 Tele2/Watson), C-207/16 (MinisterioFiscal): Data retention
❑ Opinion 1/15 of ECJ: Agreement between EU and Canada on transfer of PNR data
ECJ Jurisprudence (cont.)
8
❑ C-131/12 (Google Spain), C-398/15 (Salvatore Manni): right to be forgotten
❑ C-210/16 (Wirtschaftsakademie): Joint controllership of a Facebook fan page