Data protection authority to monitor EU research policy and projects
EU research projects, particularly in the area of information and communication technologies (ICT), need to ensure that privacy and personal data protection requirements are fully respected, according to the European Data Protection Supervisor (EDPS). In a policy paper, the body has outlined how it will help with this task. The EDPS is an independent supervisory authority devoted to protecting personal data and privacy and promoting good practice in the EU institutions and bodies. It does so by monitoring the EU administration's processing of personal data and advising on policies and legislation that affect privacy. The body also cooperates with similar authorities to ensure consistent data protection. In its latest policy paper, the EDPS recommends that a 'privacy by design' approach should taken in research projects funded under the Seventh Framework Programme (FP7). 'Privacy and data protection requirements need to be highlighted and applied as soon as possible in the life cycle of new technological developments in order to contribute to a better implementation of the data protection legal framework. 'The European RTD [research and technological development] efforts constitute a very good opportunity to accomplish these goals and the EDPS considers that the principle of 'privacy by design' should represent an inherent part of these RTD initiatives,' reads the policy paper. To assist in this task, the EDPS says that it will provide focused contributions at various stages of research policy and project development, from the definition and design of thematic areas, to the evaluation of project proposals and their final deliverables. In addition, the body will identify emerging technological trends that are expected to have an impact on the EU data protection framework. As an independent authority, the EDPS may also offer an opinion on data protection issues emerging during the lifecycle of a research project. Opinions can focus on the methodologies implemented or on the results obtained in the project. Given the growth of data protection issues in relation to ICT, the EDPS will focus mainly on research undertaken in this field. However, the authority says it does not exclude the possibility of monitoring a select number of projects from other FP7 thematic areas, such as Security Research, Health and Transport.