International Conventions - EU context

This section contains International Conventions and Treaties related to privacy and data protection applicable within the Union and/or binding upon the EU Member States, and relevant acts and documents.

 

UN Conventions and Resolutions

 

UN General Assembly, The right to privacy in the digital age (Appointment of a UN Special Rapporteur on the right to privacy), Human Rights Council (69th session), A/HRC/28/L.27, 24 March 2015

http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/28/L.27

 

UN General Assembly Resolution on the right to privacy in the digital age, 68th session, A/RES/68/167, 18 December 2013

http://www.un.org/en/ga/search/view_doc.asp?symbol=A/RES/68/167

 

UN General Assembly, Universal Declaration of Human Rights (UDHR), (183rd Plenary meeting), A/RES/3/217, 10 December 1948 http://un-documents.net/a3r217a.htm

 

UN General Assembly, International Covenant of Civil Political Rights, Resolution 2200A (XXI) of 16 December 1966

http://www.ohchr.org/EN/ProfessionalInterest/Pages/CCPR.aspx

 

Regional Conventions

Council of Europe, Modernised Convention for the Protection of Individuals with Regard to the Processing of Personal Data (Commonly known as Convention 108), 128th Session of the Committee of Minister, Elsinore, Denmark, 17-18 May 2018

https://search.coe.int/cm/Pages/result_details.aspx?Objectld=09000016807c65bf

 

Council of Europe, Guidelines on the protection of individuals with regard to the processing of personal data in a world of Big Data, Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, T-PD(2017)01, Strasbourg, 23 January 2017

https://rm.coe.int/16806f06d0

 

Council of Europe, Consolidated version of the Modernised Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Commonly known as Convention 108), September 2016

https://rm.coe.int/16806a616c

+ relevant documents connected

http://www.coe.int/en/web/data-protection/modernisation-convention108

 

Council of Europe, European Convention on Human Rights and Fundamental Freedoms, as amended by Protocol 14, CETS no. 194, Strasbourg, 1 June 2010

 http://www.echr.coe.int/Documents/Convention_ENG.pdf

 

Council of Europe, Additional Protocol regarding supervisory authorities and transborder data flows to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, ETS 181, Strasbourg, 28 November 2001

https://rm.coe.int/1680080626

 

Council of Europe, Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Commonly know as Convention 108), ETS 108, Strasbourg, 28 January 1981,

http://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/108

 

International agreements and related documents

 

European Commission, Report of the 21st Trade in Services Agreement (TiSA) negotiation round, 17 November 2016

http://trade.ec.europa.eu/doclib/docs/2016/november/tradoc_155095.pdf

 

European Commission, TiSA EU second revised offer, Schedule of specific documents and list of MFN exceptions, 21 October 2016

  http://trade.ec.europa.eu/doclib/docs/2016/november/tradoc_155096.pdf

 

European Parliament, Resolution on the negotiations for the Trade in Services Agreement (TiSA) containing the European Parliament’s recommendations to the Commission, (2015/2233(INI)), Strasbourg, 3 February 2016

http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P8-TA-2016-0041+0+DOC+XML+V0//EN

 

European Commission Communication, Trade for All - Towards a more responsible trade and investment policy, to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, COM/2015/0497 final, Brussels, 14.10.2015

http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52015DC0497&from=EN

 

European Commission implementing decision on the adequacy of the protection provided by the EU-U.S. Privacy Shield pursuant to Directive 95/46/EC of the European Parliament and of the Council, C(2016) 4176 final, Brussels, 12.7.2016

http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision_en.pdf

Annex 1 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-1_en.pdf

Annex 2 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-2_en.pdf

Annex 3 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-3_en.pdf

Annex 4 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-4_en.pdf

Annex 5 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-5_en.pdf

Annex 6 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-6_en.pdf

Annex 7 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-7_en.pdf

 

European Commission, guide to the EU-U.S. Privacy Shield, http://ec.europa.eu/justice/data-protection/files/eu-us_privacy_shield_guide_en.pdf

 

Article 29 Working Party, opinion 01/2016 on the EU – U.S. Privacy Shield draft adequacy decision, 16/EN WP 238, 13 April 2016

http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2016/wp238_en.pdf

 

Article 29 Working Party, Statement on the presentation by the European Commission of the EU-U.S. privacy shield, Brussels, 1 March 2016

http://ec.europa.eu/justice/data-protection/article-29/press-material/press-release/art29_press_material/2016/20160229-pressrel_publication_europeancommission_eu-us_privacy_shield.pdf

 

European Commission, Communication on Transatlantic Data Flows: Restoring Trust through Strong Safeguards to the European Parliament and the Council, COM(2016) 117 final, Brussels, 29.2.2016

http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-communication_en.pdf

 

Article 29 Working Party, Statement on the consequences of the Schrems judgment, Brussels, 5 February 2016

http://ec.europa.eu/justice/data-protection/article-29/press-material/press-release/art29_press_material/2016/20160203_statement_consequences_schrems_judgement_en.pdf

 

European Commission, Communication on the Transfer of Personal Data from the EU to the United States of America under Directive 95/46/EC following the Judgment by the Court of Justice in Case C-362/14 (Schrems) to the European Parliament and the Council, COM(2015) 566 final, Brussels, 6.11.2015

http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/files/eu-us_data_flows_communication_final.pdf

 

114th United States Congress, US Freedom Act of 2015 – Uniting and strengthening America by fulfilling rights and ensuring effective discipline over monitoring Act of 2015, 129 STAT. 268, Public Law 114–23, 2 June 2015

https://www.congress.gov/114/plaws/publ23/PLAW-114publ23.pdf

 

European Commission, Communication on the Functioning of the Safe Harbour from the Perspective of EU Citizens and Companies established in the EU to the European Parliament and the Council, COM(2013) 847 final, Brussels, 27.11.2013

http://ec.europa.eu/justice/data-protection/files/com_2013_847_en.pdf

 

European Commission, Decision on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce pursuant to Directive 95/46/EC of the European Parliament and of the Council of 26 July 2000  (notified under document number C(2000) 2441) (Text with EEA relevance.), 2000/520/EC, OJ L 215, 25.8.2000, p.7

http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32000D0520&qid=1459699076673&from=EN

European Commission, decisions on the adequacy of the protection of personal data in third countries – Main documents

 http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm

 

Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program, OJ L 8/11, Brussels, 13.1.2010 

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:22010A0113%2801%29

 

Council of the European Union, Draft concerning the renewal of the TFTP Agreement between EU and US, reply to a letter from the Article 29 Data Protection Working Party, 8148/15, 23 April 2015

http://www.statewatch.org/news/2015/apr/eu-council-tftp-agreement-8148-15.pdf

 

European Commission, Proposal for a Council Decision on the signing, on behalf of the European Union, of an Agreement between the United States of America and the European Union on the protection of personal information relating to the prevention, investigation, detection, and prosecution of criminal offenses, COM(2016) 238 final, Brussels, 29.4.2016

http://ec.europa.eu/justice/data-protection/files/umbrella_proposal_en.pdf

 

European Data Protection Supervisor (EDPS), Preliminary Opinion on the agreement between the United States of America and the European Union on the protection of personal information relating to the prevention, investigation, detection and prosecution of criminal offences, Opinion  1/2016, 12 February 2016

https://edps.europa.eu/sites/edp/files/publication/16-02-12_eu-us_umbrella_agreement_en.pdf

 

European Commission, Fact Sheet: Questions and Answers on the EU-US data protection "Umbrella agreement", Brussels, 8 September 2015

 http://europa.eu/rapid/press-release_MEMO-15-5612_en.htm

 

European Commission, Communication on the global approach to transfers of Passenger Name Record (PNR) data to third countries, COM(2010) 492 final, Brussels, 21.09.2010

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52010DC0492

 

European Commission, Agreement between the European Union and Australia on the processing and transfer of European Union –sourced passenger name record (PNR) data by air carriers to the Australian Customs Service, OJ L 213/49, 8.8.2008

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:22008A0808(01)

 

Council of the European Union, Decision on the signing, on behalf of the European Union, of an Agreement between the European Union and the United States of America on the processing and transfer of Passenger Name Record (PNR) data by air carriers to the United States Department of Homeland Security (DHS) (2007 PNR Agreement), 2007/551/CFSP/JHA, Brussels, 23 July 2007 and Washington, 26 July 2007

and

 Agreement between the European Union and the United States of America on the processing and transfer of Passenger Name Record (PNR) data by air carriers to the United States Department of Homeland Security (DHS) (2007 PNR Agreement),  OJ L 204, 4.8.2007

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2007.204.01.0016.01.ENG&toc=OJ:L:2007:204:TOC#L_2007204EN.01001801

+

European Commission, Report to the European Parliament and the Council on the joint review of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of passenger name records to the United StatesDepartment of Homeland Security, COM(2013) 844 final, 27.11.2013

https://ec.europa.eu/home-affairs/sites/homeaffairs/files/what-is-new/news/news/docs/20131127_pnr_communication_en.pdf

+

Joint Review, of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of passenger name records to the United States Department of Homeland Security, SEC(2013) 630 final, 27.11.2013

https://ec.europa.eu/home-affairs/sites/homeaffairs/files/what-is-new/news/news/docs/20131127_pnr_report_en.pdf

 

Council of Europe, Agreement between the European Community and the Government of Canada on the processing of Advance Passenger Information and Passenger Name Record Data, OJ L 86/19, 24.3.2006

http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:22006X0324(01)&from=EN

 

European Commission, Model Contracts for the transfer of personal data to third countries

http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm

 

 

International acts and documents

 

Organisation for Economic Co-operation and Development (OECD) documents

 

OECD, Recommendation of the Council on Consumer Protection in E-commerce, C(2016)13, Paris, 24 March 2016 http://dx.doi.org/10.1787/9789264255258-en

 

OECD, OECD Privacy Framework, 2013

 http://www.oecd.org/sti/ieconomy/oecd_privacy_framework.pdf

 

OECD, Privacy Expert Group Report on the Review of the 1980 OECD Privacy Guidelines, OECD Digital Economy Papers, No. 229, OECD Publishing, 30 August 2013

http://www.oecd-ilibrary.org/science-and-technology/privacy-expert-group-report-on-the-review-of-the-1980-oecd-privacy-guidelines_5k3xz5zmj2mx-en

 

OECD, Council Recommendation on Principles for Internet Policy Making, Paris, 13 December 2011 http://www.oecd.org/sti/ieconomy/49258588.pdf

 

OECD High level Meeting, The internet economy: Generating innovation and growth, Paris, 28-29 June 2011 http://www.oecd.org/internet/innovation/48289796.pdf

 

OECD, Seoul Declaration for the Future of the Internet Economy, Seoul, Korea, 17-18 June 2008

http://www.oecd.org/sti/40839436.pdf

 

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC) documents

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on International Enforcement Cooperation, Marrakesh, 18 October 2016

https://icdppc.org/wpcontent/uploads/2015/02/7._resolution_on_international_enforcement_cooperation.pdf

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Transparency Reporting, Amsterdam, 27 October 2015

https://icdppc.org/wp-content/uploads/2015/02/Resolution-on-Transparency-Reporting.pdf

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Big Data, Republic of Mauritius, Fort Balaclava, Mauritius, October 2014

https://icdppc.org/wp-content/uploads/2015/02/Resolution-Big-Data.pdf

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Enforcement Cooperation, Fort Balaclava, Mauritius, October 2014

https://icdppc.org/wp-content/uploads/2015/02/ResolutionInternational-cooperation.pdf

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Privacy in the Digital Age, Fort Balaclava, Mauritius, October 2014

https://icdppc.org/wp-content/uploads/2015/02/Resolution-Privacy-in-the-digital-age.pdf

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC), Mauritius Declaration on the Internet of Things, Fort Balaclava, Mauritius, 14 October 2014

https://icdppc.org/wp-content/uploads/2015/02/Mauritius-Declaration.pdf

 

International Conference of Data Protection & Privacy Commissioners (ICDPPC), Global Cross Border Enforcement Cooperation Arrangement, October 2014

https://icdppc.org/wp-content/uploads/2015/02/Global-Cross-Border-Enforcement-Cooperation-Arrangement.pdf

 

Other documents

 

Global Privacy Enforcement Network (“GPEN”), 2014 Global Privacy Enforcement Network (GPEN) Annual Report 2014, 1 April 2015

https://www.privacyenforcement.net/node/513

 

World Summit on the Information Society (WSIS), WSIS + 10 outcome document, Geneva, June 2014

http://www.itu.int/net/wsis/implementation/2014/forum/inc/doc/outcome/362828V2E.pdf