FIFTH REPORT
The European Scrutiny Committee has made further
progress in the matter referred to it and has agreed to the following
Report:—
DATA PROTECTION BY EC
INSTITUTIONS AND BODIES
| (20510)11144/99COM(99) 337
| Draft Regulation on the protection of individuals with regard to the processing of personal data by the institutions and bodies of the Community and of the free movement of such data.
|
| Legal base: |
Article 286 EC; co-decision; qualified majority voting
|
| |
| Department: |
Home Office |
| Basis of consideration:
| Minister's letter of 14 December 1999
|
| Previous Committee Report:
| HC 34-xxx (1998-99), paragraph 6 ( 3 November 1999)
|
| To be discussed in Council:
| No date set |
| Committee's assessment:
| Politically important |
| Committee's decision:
| Not cleared; further information requested
|
Background
1.1 EC institutions and bodies process personal
data for a range of purposes, including anti-fraud activities,
subsidy administration, investigation of complaints, and as employers.
Article 286 EC requires Community institutions and bodies, from
1 January 1999, to apply the Community rules on the protection
of personal data as set out for the most part by Directive 95/46/EC
(the general Data Protection Directive). In addition, the Article
provides for an independent supervisory body to monitor the application
of those rules.
1.2 The Economic and Social Committee of
the European Communities (ESC)[19]
published its Opinion on the proposal in December 1999, broadly
welcoming it while making both general and specific comments on
the text.
1.3 When the Committee last considered the
draft Regulation (in November 1999) it did not consider that it
had sufficient information about its contents or about the Government's
view to clear the document.
The Minister's letter
1.4 The Parliamentary Under-Secretary of
State at the Home Office (Mr O'Brien) has now written to
the Committee, giving much fuller information about the proposal.
He says:
"The Committee asks
two questions. First, it wishes to know why the draft Regulation
and the general Data Protection Directive (95/46/EC) are not identical
and what the significant differences are. Since the draft Regulation
follows, to the relevant extent, the provisions of the Telecoms
Data Protection Directive (97/66/EC) as well as those of the general
Directive, I will address both Directives in my observations.
"There are two main reasons for the differences
between the draft Regulation and the two Directives. The first
is that the provisions of the Directives, which are directed to
Member States, will not always be relevant, or at least applicable
in identical terms, to the EC institutions and bodies to whom
the draft Regulation is directed. For example, the draft Regulation
contains no provision corresponding to Article 14(b) of the general
directive on direct marketing. That is because, the Commission
argues, the EC institutions and bodies do not do direct marketing.
"The second main reason for the differences
lies in the different functions of the two types of instrument.
The Directives establish rules which Member States are required
to transpose into their national law. In that process of transposition
the rules, and the exemptions from them, established by the Directives
will be made more precise according to the domestic arrangements
of each Member State. The draft Regulation, on the other hand,
is in this respect more akin to a Member State's transposing legislation.
It establishes the precise rules applicable to the EC institutions
and bodies."
1.5 The Minister lists in some detail the
most significant differences between the draft Regulation and
the Directives.
1.6 He then continues:
"Secondly, the Committee
asks for the Government's view of the provisions themselves. As
its Explanatory Memorandum indicates, the Government supports
the objective of the draft Regulation. If there is to be a coherent
framework of data protection rules within the European Union facilitating
exchanges of information with proper regard to the protection
of individuals' personal data, it is clearly important that the
EC institutions and bodies must be bound by those rules.
"The draft Regulation is modelled very closely
on the two Directives. The Government believes that data protection
rules which the draft Regulation will apply to the EC institutions
and bodies are, allowing for differences in circumstances, very
close indeed to those which will apply within Member States. In
discussions on the draft Regulation the Government will pay particular
attention to the need to maintain comparable rules."
Conclusion
1.7 We thank the Minister for his full
and helpful response, which has given us a much clearer picture
of the Regulation than the earlier EM did. However, with the benefit
of that clearer picture and of the ESC Opinion, we now ask whether
the Minister agrees with the Opinion
(a) that there
is a case for broadening the remit of the European Data Protection
Supervisor to include such Third Pillar bodies as Europol and
the supervisory body for the Schengen Information System (SIS);
and
(b) that there should be a separate chapter
devoted to protection of the personal data and privacy of staff
employed by Community institutions and bodies ?
1.8 We will keep the document under scrutiny
until we have his reply.
19 The Economic and Social Committee consists of representatives
"of various categories of economic and social activity, in
particular, representatives of producers, farmers, carriers, workers,
dealers, craftsmen, professional occupations and representatives
of the general public" (Article 257 EC). It has advisory
status: some articles of the Treaty require the Council or Commission
to consult it, in other areas these institutions may consult it
if they wish, and the ESC may also issue an opinion on its own
initiative when it thinks appropriate. Back
|
