link to page 1
COUNCIL OF
Bruxelles, 19 July 2012 (26.07)
THE EUROPEAN UNION
(OR. fr)
12682/12
DOCUMENT PARTIALLY
ACCESSIBLE TO THE PUBLIC
(06.11.2012)
LIMITE
JUR 414
DATAPROTECT 93
JAI 534
MI 503
DRS 99
DAPIX 92
FREMP 107
COMIX 451
CODEC 1923
LEGAL SERVICE OPINION*
Subject:
Proposal for a Regulation of the European Parliament and of the Council on the
protection of individuals with regard to the processing of personal data and on the
free flow of such data (General Data Protection Regulation)
-
Issue of whether this constitutes a development of the Schengen acquis
I.
INTRODUCTION
1.
At the meeting of the Working Party on Information Exchange and Data Protection on 27 and
28 June 2012, the Council Legal Service spoke on the issue of whether or not the
abovementioned proposal for a Regulation constitutes a development of the Schengen acquis.
This opinion elaborates on that contribution.
*
"This document contains legal advice protected under Article 4(2) of Regulation (EC) No 1049/2001 of the
European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament,
Council and Commission documents, and not released by the Council of the European Union to the
public. The Council reserves all its rights in law as regards any unauthorised publication."
12682/12
wer/JD/cz
1
JUR
LIMITE EN
link to page 2 link to page 2 link to page 2
II.
FACTUAL AND LEGAL FRAMEWORK
2.
On 27 January 2012, the Commission referred two proposals to the Council: one for a
Regulation (5853/12) and the other for a Directive (5833/12). The aim of the proposals is to
put in place a new legal framework for the protection of personal data in the EU. They are
based on Article 16(2) of the Treaty on the Functioning of the European Union (TFEU), a
new legal basis introduced by the Lisbon Treaty. The proposed Regulation is intended to
replace Directive 95/46/EC on data protection in the former area of Community competence
1,
while the proposed Directive is designed to replace Framework Decision 2008/977/JHA on
the protection of data in the framework of police and judicial cooperation in criminal matters
2.
The proposal for a Directive has already been deemed a development of the Schengen acquis
(in January 2012)
3. This opinion therefore refers solely to the proposal for a Regulation.
3.
Recital 4 of the proposal for a Regulation states that "
The economic and social integration
resulting from the functioning of the internal market has led to a substantial increase in
cross-border flows. The exchange of data between economic and social, public and private
actors across the Union increased." According to the explanatory memorandum, the aim is
"
to build a stronger and more coherent data protection framework in the EU, backed by
strong enforcement that will allow the digital economy to develop across the internal market,
put individuals in control of their own data and reinforce legal and practical certainty for
economic operators and public authorities".
1
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of
individuals with regard to the processing of personal data and the free movement of such data (OJ L 281,
23.11.1995, p. 31).
2
Council Framework Decision 2008/977/JHA of 27 November 2008 on the protection of personal data processed
in the framework of police and judicial cooperation in criminal matters (OJ L 350, 30.12.2008, p. 60).
3
See point 5 of 5817/12.
12682/12
wer/JD/cz
2
JUR
LIMITE EN
4.
The proposed horizontal Regulation has a very broad scope. It "
applies to the processing of
personal data (…)" (Article 2(1)) by the Member States when carrying out activities which
fall within the scope of Union law; one of the few exceptions is the processing of data when
dealing with criminal matters, which will be covered by the parallel proposal for a Directive
(see the list in Article 2(2)).
5.
The Commission indicates in its proposal that the Regulation is both:
–
a "
text with EEA relevance" (first page of the proposal); and
–
"
a development of provisions of the Schengen acquis to the extent that it applies to the
processing of personal data by authorities involved in the implementation of that
acquis", in respect of Iceland, Norway and Liechtenstein (recitals 136 and 138), which
are signatories to the Agreement on the European Economic Area (EEA), but also in
respect of Switzerland (recital 137) (hereinafter "the associated States").
6.
We shall therefore examine whether or not the proposed Regulation constitutes a development
of the Schengen acquis for some or all of these associated States.
DELETED FROM THIS POINT UNTIL THE END OF THE DOCUMENT (page 8)
________________
12682/12
wer/JD/cz
3
JUR
LIMITE EN