The International Data Protection Day, celebrated every 28 January, finds us at a defining moment. Digital transformation and the deployment of artificial intelligence are driving strategic policy and standard-setting decisions on governance, regulation and competitiveness, at a time of accelerating geopolitical change.

In this evolving landscape, protecting personal data remains essential to safeguarding individual rights, democratic values and trust in the digital environment.

The entry into force of Convention 108+ therefore represents a strategic political commitment in shaping a rights-based agenda, by establishing a level playing field, open to all continents, that many countries are ready to step in.

Convention 108+ stands today as a globally relevant and future-oriented framework. Its technological neutrality and human rights approach make it a central multilateral platform for cooperation, dialogue and policy influence, capable of addressing emerging challenges while promoting responsible innovation and safe transborder flows of personal data. In this way, Convention 108+ provides sustainability, coherence and trust.

This commitment is clearly reflected in the activities of the Committee of Convention 108. With a new Working Plan as a strategic roadmap for the coming years, the Committee is advancing in concrete priorities, including the development of guidelines on neurotechnologies and large language models. Through these efforts, the Convention continues to evolve as a living instrument, integrating data protection as a cross-cutting public value across emerging technologies and related policy areas, including trade and international data governance.

Today, we celebrate the strength of this shared mission. The pluralism of the Committee, its common objectives and its long-term engagement reflect the ambition to ensure that technological progress serves people, strengthens democracy and improves the quality of life of individuals in the digital age. Through international cooperation, we continue to turn this vision into reality, and we invite more countries to engage with and join Convention 108+.

Have an excellent International Data Protection Day!

Beatriz de Anchorena

On 28 January, we celebrate the anniversary of the opening for signature in 1981 of the Council of Europe’s Convention 108 — the world’s first binding international treaty dedicated to the protection of personal data. For more than four decades, Convention 108, together with its modernised successor, Convention 108+, has formed a cornerstone of the European and global human rights architecture. It reflects a shared understanding that the protection of personal data, as a human right, constitutes a living legal guarantee — one that must continuously evolve in response to societal and technological developments, while remaining firmly grounded in respect for human rights and the rule of law.

International Data Protection Day — widely known as Privacy Day — is now observed worldwide. Its universal resonance reflects a growing awareness that privacy and data protection have never been more vital. This is not because risks are novel, but because their scale, reach, and impact have fundamentally changed. Data-driven systems increasingly shape decisions that affect the most intimate and essential aspects of our lives — health, employment, access to services, freedom of movement, and participation in democratic processes. Rapid technological developments, particularly in artificial intelligence, biometric and neurotechnologies, and large-scale analytics, have vastly expanded the capacity to collect, combine, and infer personal data. These technologies offer extraordinary opportunities, yet they also amplify long-standing risks: opacity in decision-making, embedded bias and discrimination, and forms of surveillance that test the limits of necessity and proportionality.

In this evolving landscape, the protection of personal data is inseparable from respect for human rights, human dignity, individual autonomy, and democratic life. It serves as a safeguard against arbitrariness in the exercise of public and private power, ensuring that individuals retain the ability to understand, contest, and seek redress for decisions that affect them.

Data protection also serves as a critical counterbalance to opaque and dominant data-processing practices, including situations of structural imbalance or monopoly, ensuring that technological innovation remains firmly anchored in human rights, democratic accountability, and the rule of law. Far from being an obstacle to progress, data protection is a precondition for trust — and trust is the foundation upon which sustainable and inclusive digital transformation must be built.

Future-proof data protection, therefore, requires more than aspiration. It demands clear and coherent legal frameworks, effective remedies, genuinely independent oversight, and international cooperation capable of responding to technological change without compromising rights. Convention 108+ provides such a framework. Its technology-neutral, principled approach enables innovation while safeguarding transparency, accountability, and meaningful human oversight in data-driven systems. As a unique global instrument, Convention 108+ reconciles high standards of human rights protection with the facilitation of trusted and secure data flows across borders.

In 2026, States bear a clear responsibility to ensure that Convention 108+ enters into force without delay, to accelerate signature and ratification where still pending, and to guarantee its effective implementation in practice. Doing so will further strengthen the global architecture of human-rights-based data protection.

This commitment must also begin at home. The Council of Europe bears a particular responsibility to lead by example. Ensuring transparency, accountability, and independent oversight in the Organisation’s own data-processing activities is essential to maintaining credibility, public trust, and fidelity to the values we promote beyond our walls.

On this International Data Protection Day, we reaffirm a collective vision: a future in which data protection is reinforced — not eroded — by technological change; where innovation serves people and society, not the other way around; and where human rights remain real, effective, and meaningful in practice — not only in principle, but in the lived experience of individuals across Europe and beyond.

Data Protection Commissioner
Council of Europe
28 January 2026