A new European Commission (EC) proposal outlines how the EC would...

aims to up police and judicial cooperation among member states yet ensure privacy. The measure is needed, the EC said Tues., since a 1995 data protection directive doesn’t address processing of personal data when police and courts cooperate on criminal matters. The decision: (1) Gives rules on the legality of processing personal data. (2) Offers provisions on specific forms of processing, such as transmitting and making personal data available to other member states’ authorities. (3) Details the rights of those whose data come under scrutiny. (4) Provides for confidentiality and security of processing. (5) Describes judicial remedies, liability and sanctions for misuse of data. (6) Posits creation of a working party on protecting individuals with regard to processing personal data to prevent and investigate crimes. The decision also seeks to ensure that personal data are transferred only to 3rd nations that have adequate data protection. Justice and home affairs ministers will get the proposal at an Oct. 12-13 meeting in Luxembourg. The EC data retention proposal, which debuted last month (WID Sept 22 p6), is undergoing consideration in parallel to that accorded the framework decision being shepherded by the U.K. Presidency. In a Sept. 26 opinion, European Data Protection Supervisor Peter Hustinx said of the EC proposal, “more [privacy] safeguards are needed.” Hustinx doesn’t see the need to retain traffic and location data for law enforcement purposes, he said. He urged revisions, among them ensuring individuals other than relevant authorities don’t have access to communications traffic data and that data are provided only in relation to specified serious criminal offenses. Hustinx also urged that retention periods proposed by the EC -- one year for telecom-related data and 6 months for Internet Protocol data -- be the maximum retention periods, and that data be erased at the end of those terms.