Back Data Protection Day: New guidelines to ensure that national digital identity systems respect human rights standards

Consultative Committee of Convention 108 Strasbourg 27 January 2023
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
Data Protection Day: New guidelines to ensure that national digital identity systems respect human rights standards

To mark Data Protection Day, celebrated every year on 28 January, the president of the Consultative Committee of the Council of Europe data protection “Convention 108”, Elsa Mein, has stressed the need for national digital identity schemes and systems to comply with human rights standards, especially the respect to the right to privacy and personal data protection.

The Consultative Committee, which represents all parties to the convention, has published new guidelines to help governments and other actors involved in setting up and managing systems that process a range of personal data in order to certify the authenticity of an individual´s “legal identity” before the law and vis-à-vis the state.

The guidelines seek to apply the principles and provisions of the modernised data protection convention - Convention 108+. They emphasise that, given the potential for adverse impacts on human rights, national digital identity systems should take a human-rights-centered approach and explicitly integrate human rights law into their regulation, design, implementation and operation.

Data Protection Day commemorates the opening for signature of the Council of Europe data protection convention on 28 January 1981, also known as “Convention 108”. Today this treaty is the only international, multilateral and legally binding instrument to protect privacy and personal data. It has 55 parties and 36 observers.

In 2018 an amending protocol modernising the Convention 108 was adopted and opened for signature. Building on the achievements of the 1981 treaty, the updated convention – known as “Convention 108+” - aims to address the challenges for privacy resulting from the use of new information and communication technologies, establishes the convention’s follow-up mechanism and bring together various normative frameworks developed in different regions of the world. With Iceland´s ratification on 20 January 2023, already 21 states have ratified the amending protocol. Another 22 states have signed it with a view to its ratification.

On the eve of Data Protection Day, the winners of the 5th edition of the Council of Europe’s data protection Stefano Rodotà Award were announced: In the thesis category, Janis Ching Wong for her thesis “Co-creating data protection solutions through a Commons” and in the articles category a co-authored work by Sebastiao Bernardo Bruco Geraldes de Barros Vale, Katerina Demetzou and Gabriela Zanfir-Fortuna entitled “The Thin Red Line: Refocusing Data Protection Law on ADM, A Global Perspective with Lessons from Case-Law”. A special mention was also awarded to the work by Francesca Musiani and Ksenia Ermoshina on “Concealing for Freedom: The Making of Encryption, Secure Messaging and Digital Liberties”.

What is the right to privacy and how is it protected under the European Convention on Human Rights?
See some example cases of how the ECHR acts to secure your privacy rights, including data and information privacy.