2020 edition
Data Protection Day

Today, 28 January, Data Protection Day is celebrated around the world to mark the opening for signature in 1981 of the first international treaty aimed at protecting personal data: the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, also known as “Convention 108”.

With a worldwide scope of application, open to any country, 55 states have joined the treaty and many others have used its provisions as a model to shape their national legislation, giving it the potential to become a global standard.

Whilst the treaty has remained an effective tool for international cooperation in this field for nearly 40 years, in 2018 the Council of Europe adopted a protocol amending its provisions in order to address the development of new technologies and to strengthen its monitoring mechanism.

Already 35 Council of Europe member States have signed this new treaty, as well as Argentina, Tunisia and Uruguay. Three countries have already also ratified it: Bulgaria and Croatia in December 2019 and Lithuania on 23 January 2020. Once in force, the modernised convention - known as Convention 108+ - will provide additional safeguards to data protection globally.

Stefano Rodotà Award

The 2020 Stefano Rodotà Award has been granted to the PhD student Camilla Tabarrini for her article “Understanding the Big Mind - Does the GDPR Bridge the Human-Machine Intelligibility Gap?”, published in Il diritto dell’informazione e dell’informatica.

Granted on the occasion of Data Protection Day, the Council of Europe´s Stefano Rodotà Award honours innovative and original academic research projects in the field of data protection.

Data protection international conference

Ahead of Data Protection Day, a Council of Europe delegation participated in the annual “Computers, Privacy and Data Protection” international conference (CPDP), where it organised a session on the work that the organisation is carrying out in the field of Artificial Intelligence. It also took part in the panels « Digital identity in Africa and the Middle East » and “Changing technology and laws: can accountability be a key to global compliance?”.

Data Protection Day Strasbourg 28 January 2020
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
2019 edition
New guidelines on artificial intelligence
Shutterstock.com

Shutterstock.com

On the occasion of Data Protection Day on 28 January, the Committee of the Council of Europe's data protection treaty “Convention 108” has published Guidelines on Artificial Intelligence and Data Protection.

The guidelines aim to assist policy makers, artificial intelligence (AI) developers, manufacturers and service providers in ensuring that AI applications do not undermine the right to data protection.

The Convention's Committee underlines that the protection of human rights, including the right to protection of personal data, is essential when developing or adopting AI applications, in particular when they are used in decision-making processes, and that such AI application be based on the principles of the updated data protection convention, “Convention 108+, opened for signature on 10 October 2018.

In addition, any AI application should pay close attention to avoiding and mitigating the potential risks of processing of personal data, and allow meaningful control by data subjects over the data processing and its effects.

Minister for Foreign Affairs of Finland and Chair of the Committee of Ministers of the Council of Europe Timo Soini welcomed the adoption of the guidelines and said: “Artificial intelligence brings benefits to our daily lives. At the same time, it is necessary to look into the ethical and legal questions that it raises. To ponder this, we have invited many high-level experts from all member states to a conference on the impacts of artificial intelligence development on human rights, democracy and the rule of law in Helsinki on 26 and 27 February that will allow us to exchange thoughts and knowledge”.

Stefano Rodotà Award

The first Council of Europe´s Stefano Rodotà Award has been granted to Ingrida Milkaite and Eva Lievens, for their work in a research project carried out at Ghent University, which investigates the privacy and data protection from a children's rights perspective: A children’s rights perspective on privacy and data protection in the digital age.

The winners will have the opportunity to present their project at the next plenary session of the Committee of Convention 108 in Strasbourg in June 2019. To be awarded annually on the occasion of Data Protection Day, the Stefano Rodotà Award honours innovative and original academic research projects in the field of data protection.

Council of Europe at data protection conferences

Council of Europe delegations are participating this week in an international conference organised by the Moroccan national data protection Commission in Fez, Morocco, on 28 January, as well as in the Computers, Privacy and Data Protection (CPDP) conference in Brussels from 30 January to 1 February.

Data Protection Day

Created by the Council of Europe in 2006, Data Protection Day is celebrated every year on 28 January, the date on which the Council of Europe’s Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data was opened for signature. Data Protection Day is now celebrated globally and is called "Privacy Day" or "Data Privacy Day" outside Europe.

Council of Europe Strasbourg 28 January 2019
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
2018 edition
Data Protection Day

On 28 January the Council of Europe will celebrate the Data Protection Day, which marks the opening for signature in 1981 of the Council of Europe’s data protection convention, “Convention 108”.

More than 50 countries around the world have already signed up to the convention, which sets out key principles in the area of personal data protection and is the only international treaty in this field.

The convention has been ratified by the 47 Council of Europe member states and Mauritius, Senegal, Uruguay and Tunisia. Other countries such as Argentina, Burkina Faso, Cabo Verde, Mexico and Morocco have been invited to accede. Many more participate as Observers States in the work of the Committee of the Convention (Australia, Canada, Chile, Ghana, Indonesia, Israel, Japan, Korea, New-Zealand, United States of America).

“Convention 108” is currently being updated to address that challenges for privacy resulting from the use of new information and communication technologies, to strengthen its follow-up mechanism, and to ensure it is compatible with various normative frameworks around the world, including the EU legal framework.

Panel discussion

On 25 January, the Council of Europe organised a panel discussion at the Brussels 2018 Computers, Privacy and Data Protection (CPDP) conference, on the potential of the convention to become a global standard and on its convergence with the EU data protection framework.

Additional information on Data Protection Day

Modernisation process

Council of Europe Strasbourg 26 January 2018
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
2017 edition
Data Protection Day: guidelines to protect the people behind Big Data

Ahead of Data Protection Day on 28 January, the Committee of the Council of Europe´s Data Protection Convention, also known as “Convention 108”, adopted this week Guidelines on Big Data aiming to assist policy makers and organisations processing personal data to place people at the centre the digital economy.

The nature of Big Data may make very challenging the application of traditional principles of personal data protection, such as purpose limitation or data minimisation. The guidelines contain a set of recommendations such as:

  • Any Big Data processing of personal data should comply with the requirement of free, specific, informed and unambiguous consent, and the principles of purpose limitation, fairness and transparency.
  • Data processors should provide easy and user-friendly technical way for individuals to withdraw their consent.
  • Data controllers and processors should assess the likely impact on human rights of Big Data processing, for example, by establishing ethical committees. They should carry out risk assessments, and develop solutions by-design and by-default to mitigate the risks.
  • The technical anonymisation of data could be combined with legal or contractual obligations to prevent possible re-identification of the persons concerned.

Alessandra Pierucci, Chairperson of the Committee of “Convention 108” highlighted “the importance of providing guidance on what has become in the past years an exponential source of knowledge, and an exponential source of processing of personal data. This first step of the Committee towards a stronger protection of persons in our big data environment will have to lead to further steps, to follow the fast pace evolution of big data related technologies”.

A Council of Europe delegation is participating today in a session on the Council of Europe’s approach to Big Data at the 10th Edition of the “Computers, Privacy and Data Protection” international conference (CDPC), which is held in Brussels from 25 to 27 January.

Council of Europe Strasbourg 27 January 2017
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
2016 edition
© Shutterstock

© Shutterstock

The Council of Europe is organising a workshop on 28 January in Brussels at the 9th Edition of the “Computers, Privacy and Data Protection international conference” (CPDP) to take stock of ten years of experience of the Data Protection Day, and to assess how this celebration has contributed to raise awareness about the protection of personal data in Europe and beyond.

This year is the 10th anniversary of the Data Protection Day, which was established by the Committee of Ministers of the Council of Europe in 2006. The date was chosen to mark the opening for signature of the data protection convention, known as “Convention 108”, on 28 January 1981.

The aim of the workshop will be to recall the objective of this celebration, why it matters and the progress made since 2006; show-case some great practices and initiatives; and take stock of the difficulties encountered. The multi-stakeholder panel will be chaired by Maria Michaelidou, programme advisor at the Data Protection Unit of the Council of Europe and moderated by Christiana Markou, lecturer in law at European University Cyprus.

The Council of Europe is also co-organising, on the same day, together with the European Data Protection Supervisor and the American National Cyber Security Alliance a transatlantic dialogue on the development of a sustainable 'Big Data' ecosystem, with speakers both in Washington D.C. and in Brussels.

During the conference, will be held from 27 to 29 January, the Council of Europe delegation will also contribute to panels on “Cross Border Data Requests for Law Enforcement in the Post-Snowden Era”, “Intelligence services surveillance in the EU: fundamental rights, safeguards and remedies” and “Internet architecture and human rights”.

CPDP is a non-profit platform originally founded in 2007 by research groups from the Vrije Universiteit Brussel, the Université de Namur and Tilburg University and has now grown into a platform carried by 20 academic centres of excellence from the EU, the US and beyond.

Every year it brings together academics, lawyers, practitioners, policy-makers, industry and civil society from all over the world to exchange ideas and discuss the latest emerging issues and trends.


Max Schrems, privacy activist and founder of the Europe vs Facebook initiative, stresses that the lack of enforcement is the biggest problem for the protection of personal data in Europe. Max Schrems initiated the legal proceedings that led to the ruling of the EU Court of Justice which invalidated the European Commission’s “Safe Harbor” scheme.

Jean-Philippe Walter, Chair of the Consultative Committee of “Convention 108”, explains the key challenges to the protection of personal data today, in particular the lack of transparency in the processing of data. He also explains the objectives of the ongoing process to update “Convention 108” to adapt it to new technological developments.

Counil of Europe Strasbourg 28 January 2016
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
2015 Edition
Shutterstock

Shutterstock

Today, 28th of January, Europe and the Council of Europe celebrate their 9th edition of Data Protection Day.

Such event is destined to mark the anniversary of the opening for signature of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data – known as Convention 108 as well – which was, and still remains, the only legally binding international instrument in the data protection field.

As such, the Convention aims to secure respect of the individual’s right to privacy, with regard to automatic processing of personal data, carried out by both the private and the public sector. At the same time, it seeks to impose restrictions on the free flow of transborder data where equivalent legal protection is not provided. As a response to the consultation process carried out by the Council of Europe, a modernisation process of the Convention 108 started in 2011 and led to the finalisation of the work by the Ad-hoc Committee on Data Protection (CAHDATA) in December 2014.

For this 9th edition, the Data Protection Unit is once again contributing to the International Conference on Computer, Privacy and Data Protection in Brussels.

headline Council of Europe Strasbourg 28 January 2015
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
2014 Edition
Council of Europe
Illustration: Shutterstock

Illustration: Shutterstock

The Council of Europe and the European Union Agency for Fundamental Rights (FRA) launched today - on Data Protection Day - a practical guide to European data protection law.

The handbook is the first comprehensive guide to Council of Europe and European Union law on data protection, taking into account the case law from the European Court of Human Rights and the Court of Justice of the European Union. It explains how data protection is regulated under EU law as well as the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, and other Council of Europe instruments.

The handbook is aimed at non-specialist legal professionals, judges, national data protection authorities and anyone else that may be confronted with legal questions in the area of data protection. It covers issues such as data protection terminology; key principles and the rules of data protection law; data subjects' rights and their enforcement; transborder data flow; and data protection in the context of police and criminal justice.

The guide will be launched in English with versions in Bulgarian, Croatian, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hungarian, Italian, Latvian, Lithuanian, Polish, Portuguese, Romanian, Slovak, Slovenian and Spanish to follow later this year.

Press release

Strasbourg 28/01/2014
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
2013 Edition
Convention for the Protection of individuals with regard to automatic processing of personal data
Data Protection Day 2013

The Council of Europe is celebrating Data Protection Day, which commemorates the opening for signature on 28 January 1981 of "Convention 108", the Convention on the Protection of individuals with regard to automatic processing of personal data.

Convention 108 is the only legally binding treaty in the privacy field, harmonising protection on the basis of minimum standards. At present 44 states are bound by it and in the near future Uruguay will become the first non-European country to become a state party.

The convention is currently being updated to respond to new privacy concerns resulting from the use of new information technologies and to strengthen its follow-up mechanism. The aim is to offer robust protection across countries and jurisdictions. Close cooperation with the European Union will ensure consistency with the EU´s own data protection legal framework, which is also being reviewed.

The Consultative Committee recently adopted the first draft text of the updated convention, which will be examined by an intergovernmental Council of Europe committee in 2013, before being eventually submitted for adoption by the Committee of Ministers at a later stage.

The Council of Europe also provides technical support to countries, in particular in the form of legislative expertise and help with bringing national legislation into line with international personal data protection standards.

Data Protection Day was launched by the Council of Europe in 2006 and is celebrated across and beyond Europe to make personal data protection better known.

Strasbourg 25/01/2013
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page