Transcript Slide 1
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
MARIYA MATEVA – member of the Board, CPDP LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
AGENDA I. About the commission for personal data protection II. CPDP Powers under the Law for Protection of Personal Data III. Implementation of European legislation into the Bulgarian legal framework IV. The structure of the Bulgarian data protection framework V. The extend to which priorities of The Commission for 2911 have been HAVE BEEN VI. Objectives and priorities for 2012 LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
I. About the commission for personal data protection
The Commission for Personal Data Protection is the supervisory authority of the Republic of Bulgaria.
It undertakes the protection of individuals in processing of their personal data and in providing access to those data, as well as control on compliance with the Law for Protection of Personal Data. The Commission for Personal Data Protection was first established by decision of the Parliament dated 23 May, 2002.
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
I. About the commission for personal data protection
The Commission for Personal Data Protection is an independent, jointly governed authority and consists of a Chairperson and Four members. The Members of the commission and its Chairperson are elected by the Parliament by proposal of the Council of Ministers for a term of 5 years, and they may be re-elected for another mandate.
On 19 December 2007 the second office of the Commission was elected.
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
II. CPDP Powers under the Law for Protection of Personal Data
1. Analyze and monitor compliance with the legal framework in the field of personal data protection 2. Keep a register of personal data controllers and the personal data registers kept by them; 3. Inspect personal data controllers in connection with its activities 4. Give opinions and issue permissions in the cases provided for in the Law 5. Issue compulsory instructions to data controllers in connection with personal data protection
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
II. CPDP Powers under the Law for Protection of Personal Data
6. Suspend, upon prior notification, any personal data processing that violates the provisions for personal data protection 7. Handle complaints against acts issued or any actions of data controllers, which violate the rights of individuals under this Law, as well as third parties’ complaints in relation to their rights under this Law 8. Participate in drawing up and obligatory issuing of opinions with regard to draft laws and regulations in the field of personal data protection 9. Issue subordinate legal acts in data protection field
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
II. CPDP Powers under the Law for Protection of Personal Data
10. Participate in the activities carried out by the international organizations on the matters of its competence 11. Participate in the negotiations and conclusion of bilateral or multilateral agreements on matters of its competence 12. To organize and coordinates the training of personal data controllers in the personal data protection filed
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
III. Implementation of European legislation into the Bulgarian legal framework
• Convention for the Protection of Human Rights and Fundamental Freedoms, ratified on July 31st 1992 • Convention № 108 of the Council of Europe on the protection of individuals with regard to automatic processing on personal data, ratified in 2002 • The Directive 95/46/ЕC of the European Parliament and the Council, introduced into the national legislation by the Law for Protection of Personal Data
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
IV. The structure of the Bulgarian data protection framework
• The Law for Protection of Personal Data, first adopted in 2002 • The Rules on the activity of the Commission for personal data protection and its administration • Ordinance № 1 dated 7 February 2007 on the minimal level of technical and organizational measures and the admissible type of personal data protection In 2011, the process of transposition into the Bulgarian legislation of Framework Decision 2008/977/JHA on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters was completed.
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
V. The extend to which priorities of The Commission for 2011 have been
• The main priority of the Commission was to increase the awareness of the individuals concerning their rights in the personal data protection field • Another priority set out in 2011 and accomplished in 2012 was the strengthening of the bilateral cooperation with other relevant supervisory authorities • The third priority in the activity of the Commission in 2011, was to actively participate in the work of European institutions and the development of rules, requirements and higher personal data protection standards • The final objective of the Commission was focused on the obligations arising out from the Law on Electronic Communications
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
VI. Objectives and priorities for 2012
• Participation in activities related to the European data protection reform • Continuation of our information and educational activities on various aspects and among different target groups in society • Research on the particular needs of data controllers for training in the data protection filed • An important priority for the Commission in 2012 is related to the new powers conferred to CPDP with the latest amendments to the Law on Personal Data Protection in 2010 and 2011 • To build up e-Government, the Commission considers that the electronic services it provides to citizens could be considered part of the E-government of the country
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION
COMMISSION FOR PERSONAL DATA PROTECTION
14 TH Meeting, CEEDPA 20-21 may, Kyiv
COMMISSION FOR PERSONAL DATA PROTECTION 15, Acad. Ivan Geshov blvd.
1431 Sofia BULGARIA
• • • •
tel.: +359 2 915 35 18 fax: +359 2 915 35 25 e-mail: [email protected]
www.cpdp.bg
LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION