2018 edition 2018 edition
Council of Europe Strasbourg 26 January 2018
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
Data Protection Day

On 28 January the Council of Europe will celebrate the Data Protection Day, which marks the opening for signature in 1981 of the Council of Europe’s data protection convention, “Convention 108”.

More than 50 countries around the world have already signed up to the convention, which sets out key principles in the area of personal data protection and is the only international treaty in this field.

The convention has been ratified by the 47 Council of Europe member states and Mauritius, Senegal, Uruguay and Tunisia. Other countries such as Argentina, Burkina Faso, Cabo Verde, Mexico and Morocco have been invited to accede. Many more participate as Observers States in the work of the Committee of the Convention (Australia, Canada, Chile, Ghana, Indonesia, Israel, Japan, Korea, New-Zealand, United States of America).

“Convention 108” is currently being updated to address that challenges for privacy resulting from the use of new information and communication technologies, to strengthen its follow-up mechanism, and to ensure it is compatible with various normative frameworks around the world, including the EU legal framework.

Panel discussion

On 25 January, the Council of Europe organised a panel discussion at the Brussels 2018 Computers, Privacy and Data Protection (CPDP) conference, on the potential of the convention to become a global standard and on its convergence with the EU data protection framework.

Additional information on Data Protection Day

Modernisation process

2017 edition 2017 edition
Council of Europe Strasbourg 27 January 2017
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
Data Protection Day: guidelines to protect the people behind Big Data

Ahead of Data Protection Day on 28 January, the Committee of the Council of Europe´s Data Protection Convention, also known as “Convention 108”, adopted this week Guidelines on Big Data aiming to assist policy makers and organisations processing personal data to place people at the centre the digital economy.

The nature of Big Data may make very challenging the application of traditional principles of personal data protection, such as purpose limitation or data minimisation. The guidelines contain a set of recommendations such as:

  • Any Big Data processing of personal data should comply with the requirement of free, specific, informed and unambiguous consent, and the principles of purpose limitation, fairness and transparency.
  • Data processors should provide easy and user-friendly technical way for individuals to withdraw their consent.
  • Data controllers and processors should assess the likely impact on human rights of Big Data processing, for example, by establishing ethical committees. They should carry out risk assessments, and develop solutions by-design and by-default to mitigate the risks.
  • The technical anonymisation of data could be combined with legal or contractual obligations to prevent possible re-identification of the persons concerned.

Alessandra Pierucci, Chairperson of the Committee of “Convention 108” highlighted “the importance of providing guidance on what has become in the past years an exponential source of knowledge, and an exponential source of processing of personal data. This first step of the Committee towards a stronger protection of persons in our big data environment will have to lead to further steps, to follow the fast pace evolution of big data related technologies”.

A Council of Europe delegation is participating today in a session on the Council of Europe’s approach to Big Data at the 10th Edition of the “Computers, Privacy and Data Protection” international conference (CDPC), which is held in Brussels from 25 to 27 January.

2016 edition 2016 edition
Counil of Europe Strasbourg 28 January 2016
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
© Shutterstock

© Shutterstock

The Council of Europe is organising a workshop on 28 January in Brussels at the 9th Edition of the “Computers, Privacy and Data Protection international conference” (CPDP) to take stock of ten years of experience of the Data Protection Day, and to assess how this celebration has contributed to raise awareness about the protection of personal data in Europe and beyond.

This year is the 10th anniversary of the Data Protection Day, which was established by the Committee of Ministers of the Council of Europe in 2006. The date was chosen to mark the opening for signature of the data protection convention, known as “Convention 108”, on 28 January 1981.

The aim of the workshop will be to recall the objective of this celebration, why it matters and the progress made since 2006; show-case some great practices and initiatives; and take stock of the difficulties encountered. The multi-stakeholder panel will be chaired by Maria Michaelidou, programme advisor at the Data Protection Unit of the Council of Europe and moderated by Christiana Markou, lecturer in law at European University Cyprus.

The Council of Europe is also co-organising, on the same day, together with the European Data Protection Supervisor and the American National Cyber Security Alliance a transatlantic dialogue on the development of a sustainable 'Big Data' ecosystem, with speakers both in Washington D.C. and in Brussels.

During the conference, will be held from 27 to 29 January, the Council of Europe delegation will also contribute to panels on “Cross Border Data Requests for Law Enforcement in the Post-Snowden Era”, “Intelligence services surveillance in the EU: fundamental rights, safeguards and remedies” and “Internet architecture and human rights”.

CPDP is a non-profit platform originally founded in 2007 by research groups from the Vrije Universiteit Brussel, the Université de Namur and Tilburg University and has now grown into a platform carried by 20 academic centres of excellence from the EU, the US and beyond.

Every year it brings together academics, lawyers, practitioners, policy-makers, industry and civil society from all over the world to exchange ideas and discuss the latest emerging issues and trends.


Max Schrems, privacy activist and founder of the Europe vs Facebook initiative, stresses that the lack of enforcement is the biggest problem for the protection of personal data in Europe. Max Schrems initiated the legal proceedings that led to the ruling of the EU Court of Justice which invalidated the European Commission’s “Safe Harbor” scheme.

Jean-Philippe Walter, Chair of the Consultative Committee of “Convention 108”, explains the key challenges to the protection of personal data today, in particular the lack of transparency in the processing of data. He also explains the objectives of the ongoing process to update “Convention 108” to adapt it to new technological developments.

2015 Edition 2015 Edition
headline Council of Europe Strasbourg 28 January 2015
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
Shutterstock

Shutterstock

Today, 28th of January, Europe and the Council of Europe celebrate their 9th edition of Data Protection Day.

Such event is destined to mark the anniversary of the opening for signature of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data – known as Convention 108 as well – which was, and still remains, the only legally binding international instrument in the data protection field.

As such, the Convention aims to secure respect of the individual’s right to privacy, with regard to automatic processing of personal data, carried out by both the private and the public sector. At the same time, it seeks to impose restrictions on the free flow of transborder data where equivalent legal protection is not provided. As a response to the consultation process carried out by the Council of Europe, a modernisation process of the Convention 108 started in 2011 and led to the finalisation of the work by the Ad-hoc Committee on Data Protection (CAHDATA) in December 2014.

For this 9th edition, the Data Protection Unit is once again contributing to the International Conference on Computer, Privacy and Data Protection in Brussels.

2014 Edition 2014 Edition
Council of Europe
Strasbourg 28/01/2014
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
Illustration: Shutterstock

Illustration: Shutterstock

The Council of Europe and the European Union Agency for Fundamental Rights (FRA) launched today - on Data Protection Day - a practical guide to European data protection law.

The handbook is the first comprehensive guide to Council of Europe and European Union law on data protection, taking into account the case law from the European Court of Human Rights and the Court of Justice of the European Union. It explains how data protection is regulated under EU law as well as the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, and other Council of Europe instruments.

The handbook is aimed at non-specialist legal professionals, judges, national data protection authorities and anyone else that may be confronted with legal questions in the area of data protection. It covers issues such as data protection terminology; key principles and the rules of data protection law; data subjects' rights and their enforcement; transborder data flow; and data protection in the context of police and criminal justice.

The guide will be launched in English with versions in Bulgarian, Croatian, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hungarian, Italian, Latvian, Lithuanian, Polish, Portuguese, Romanian, Slovak, Slovenian and Spanish to follow later this year.

Press release

2013 Edition 2013 Edition
Convention for the Protection of individuals with regard to automatic processing of personal data
Strasbourg 25/01/2013
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
Data Protection Day 2013

The Council of Europe is celebrating Data Protection Day, which commemorates the opening for signature on 28 January 1981 of "Convention 108", the Convention on the Protection of individuals with regard to automatic processing of personal data.

Convention 108 is the only legally binding treaty in the privacy field, harmonising protection on the basis of minimum standards. At present 44 states are bound by it and in the near future Uruguay will become the first non-European country to become a state party.

The convention is currently being updated to respond to new privacy concerns resulting from the use of new information technologies and to strengthen its follow-up mechanism. The aim is to offer robust protection across countries and jurisdictions. Close cooperation with the European Union will ensure consistency with the EU´s own data protection legal framework, which is also being reviewed.

The Consultative Committee recently adopted the first draft text of the updated convention, which will be examined by an intergovernmental Council of Europe committee in 2013, before being eventually submitted for adoption by the Committee of Ministers at a later stage.

The Council of Europe also provides technical support to countries, in particular in the form of legislative expertise and help with bringing national legislation into line with international personal data protection standards.

Data Protection Day was launched by the Council of Europe in 2006 and is celebrated across and beyond Europe to make personal data protection better known.