European Data Protection and e-Privacy - Transnational Resources
This page provides resources on transnational European initiatives in data protection and electronic privacy since the 1970s. It is particularly focused on enabling access to foundational documents produced by both the Council of Europe and the European Union which are otherwise difficult to locate. The page complements the country-level resources (on European Economic Area States, Switzerland and the UK) which are also on the CIPIL site.
Council of Europe
The Council of Europe is the most established European (and indeed global) actor operating in the area data protection and electronic privacy. Most of its core output including legal instruments and reports/studies/opinions are available on its own data protection website. However, a range of important historic documents produced by the Council of Europe are not available there and so are provided here alongside the year in which they were produced.
1980: Recommendation No. R (80) 13 on Exchange of Legal Information relating to Data Protection
1981: Recommendation No. R (81) and Explanatory Memorandum on Regulations for Automated Medical Data Banks (superseded by R (97) on the Protection of Medical Data and Explanatory Memorandum)
1981: Recommendation No. R (81) 19 on Access to Information held by Public Authorities
1983: Recommendation No. R (83) 10 and Explanatory Memorandum on the Protection of Personal Data used for Scientific Research and Statistics (superseded vis-à-vis statistics by R (97) 5 concerning the Protection of Personal Data Collected and Processed for Statistical Purposes and Explanatory Memorandum)
1989: Recommendation No. R (89) 2 and Explanatory Memorandum on the Protection of Personal Data Used for Employment Purposes (superseded by Recommendation CM/Rec(2015)5 of the Committee of Ministers to member States on the processing of personal data in the context of employment and Explanatory memorandum)
European Union
Early Documents
What is now the European Union has also been involved in the data protection and electronic privacy developments since the 1970s. Some of its early documents are also somewhat hard to locate and so are provided here.
European Travaux
Since the 1990s the EU has become the central European (and, in many respects, global) actor on data protection and electronic privacy. The centerpiece of CIPIL's efforts here relate to facilitating access to the travaux of the principal legal instruments which have been produced. Links to the travaux related to the historic instruments which are not already available have been made available in full OCR text, accompanied by a document listing and an article-by-article index. We also provide the Interinstitutional File Code (COD) for the principal new instruments which have been subsequently adopted which enable the sourcing of material on both the Council of the EU and European Parliament online Public Registers.
1995: Directive 95/46/EC on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data [Data Protection Directive] (and article-by-article index) [whole instrument now replaced by Regulation 2016/679/EU – see below]
1997: Directive 97/66/EC concerning the Processing of Personal Data and the Protection of Privacy in the Telecommunications Sector (and article-by-article index) [whole instrument replaced by Directive 2002/58/EC– see below]
2002: Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) [amended by Directive 2006/24/EC and Directive 2009/36/EC – see below] - COD 2000/0189
2006: Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC [declared invalid by Court of Justice in C-293/12 Digital Rights Ireland on 8 April 2014] – COD 2005/0182
2009: Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws - COD 2007/0248
2016 - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – COD 2012/0011/COD
Ongoing from 2017: Proposal for a Regulation concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) – COD 2017/0003