Читать книгу Privacy and Data Protection based on the GDPR - Leo Besemer - Страница 16

1.1.1.4 Council of Europe (CoE) Convention 108

Оглавление

The OECD guidelines were formalized in 1981 in Council of Europe Convention 108, the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, which made it the first legally binding international instrument to set standards for the protection of personal data, whilst at the same time again aiming for a balance with the need for a free flow of personal data for international trade purposes. Convention 108 is also known as “the Treaty of Strasbourg”, but due to the place of Strasbourg in European history there are many treaties by that name. Convention 108 came into force on 10 October 1985, after the required five Member States had ratified it. By today, 55 countries have ratified the treaty, among them eight non-members of the Council of Europe.

A weakness in Convention 108 proved to be that it did not provide for transfers of personal data to countries that had not signed Convention 108. This was addressed in 2001 with the Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data regarding supervisory authorities and transborder data flows. (CETS 181). This additional protocol introduced independent supervisory authorities in each country that signed it, and included the concept of an ‘adequate’ (in contrast to equivalent) level of protection for cross-border personal data transfers to non-EU countries.

It should be noted that CoE Convention 108 is still binding for states that have ratified it. Over the years, the European Court of Human Rights (ECtHR) has ruled that personal data protection is an important part of the right to respect for private life (EHCR Article 8), and has been guided by the principles of Convention 108 in determining whether or not there has been an interference with this fundamental right.

In 2012 Convention 108 was modernized after public consultations, including reinforcements to the protection of privacy in the digital arena. The modernization process was completed with the adoption of a protocol amending Convention 108 (Protocol CETS No. 223).

The Schengen Agreement abolishing internal borders between most EEC Member States and the political changes in Europe in the 1980s lead to the ‘Single European Act’ (SEA), which came into force on 1 July 1987. An important aim of this Act was to establish a single European market by 31 December 1992. It was the first major revision of the 1957 Treaty of Rome1. The SEA reformed the legislative processes of the European Community, particularly with regard to the decision-making procedure within the Council, the powers of the European Commission and the powers of the European Parliament, changing it into a formal legislative body. The SEA was intended to remove barriers and to increase harmonization and competitiveness among European countries.


Figure 1.4 EU logo.

A next step in the development of an “ever-closer union among the peoples of Europe” was the Maastricht Treaty, which entered into force on 1 November 1993. The Treaty merged the European Economic Community (EEC), the European Coal and Steel Community (ECSC) and the European Atomic Energy Community (Euratom) into a single institutional structure, the European Union (EU). The EU consists of the Council, the European Parliament, the European Commission, the Court of Justice and the Court of Auditors which exercise their powers in accordance with the Treaties.

Privacy and Data Protection based on the GDPR

Подняться наверх