Dear Readers,

The decision by the eucrim editors to dedicate this entire issue to data protection

confirms that data protection is increasingly relevant and also at the heart of European

criminal law. An area of freedom, security and justice without internal borders can

only exist if the national police and judicial authorities are able to exchange

information as needed to fulfil their tasks. The use and exchange of information

relating to persons also requires a solid and consistent system of data protection, not

least because of technological developments. The term “surveillance society” is often

used as a metaphor for a society that does not respect the fundamental interests of

citizens to keep information safe and, if possible, to themselves.

It is an honour and a pleasure to write the editorial for this issue, which not only

reinforces the importance of data protection but is also particularly well timed. On the

level of the Member States, serious efforts are being made on the part of the Member

States to implement Council Framework Decision 2008/977/JHA on data protection

in the area of police and judicial cooperation into their national laws by 27 November

2010. At the same time, the implementation period for the most important parts of the

Prüm system is still until August 2011.

Within the European Union, the playing field is changing considerably. The most

important developments are that the Lisbon Treaty entered into force, that the

Stockholm Programme was adopted, and that the European Commission organised

public consultations on two highly relevant issues − the future framework for data

protection within the European Union and the possibility of an agreement with the

United States on data protection principles to be applied to transatlantic exchanges.

In March 2010, the highest national court in one of the largest Member States −

Germany’s Bundesverfassungsgericht − ruled on the compatibility of Directive

2006/24/EC on the retention of telecommunications data with essential values of

privacy and data protection, and it decided that some of the national provisions violate

fundamental rights. A week later, the European Court of Justice emphasised the need

for strong data protection in a judgment on the independence of data protection

authorities in the German Länder. In the political domain, the European Parliament

recently took an important step, based on the non respect of fundamental rights, by

rejecting an agreement between the European Union and the United States that

allowed US authorities to have access to personal data from SWIFT, under certain

conditions, for purposes of counter-terrorism.

These are all clear illustrations of the impact of data exchange and data protection. In

my view, the most significant of these developments is the entry into force of the

Lisbon Treaty. This Treaty marks a new era for data protection. It brings a number of

general changes, such as the abolishment of the pillar structure − the cause of many

deficiencies in the current data protection system −, giving a binding nature to the

Charter of Fundamental Rights of the Union and the possibility for the EU to accede

to the ECHR.

The Lisbon Treaty also resulted in Article 16 of the Treaty on the Functioning of the

EU (TFEU). This article not only lays down the individual right of the data subject to

2

the protection of his or her personal data, but it also obliges the European Parliament

and the Council to provide for data protection in all areas of EU law, including the

processing of personal data in the area of police and judicial cooperation and by

institutions and bodies of the EU itself.

On the basis of Article 16, a comprehensive legal framework for data protection,

combining consistency and solidity, will no longer be wishful thinking but a feasible

policy objective.

I see it as one of my main tasks as EDPS to raise awareness of data protection, not

only for individuals whose data are used but also amongst academics and policy

makers. I am convinced that this issue of eucrim will be helpful in fulfilling this task.

Peter Hustinx

European Data Protection Supervisor