COMMISSION FOR PERSONAL DATA PROTECTION 14 TH Meeting, CEEDPA 20-21 may, Kyiv

COMMISSION FOR PERSONAL DATA PROTECTION14TH Meeting, CEEDPA

20-21 may, Kyiv

LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION FOR PEROSNAL DATA PROTECTION

LEGAL FRAMEWORK FOR DATA

PROTECTION, COMPETENCES AND

PRIORITIES OF THE COMMISSION FOR

PEROSNAL DATA PROTECTION

MARIYA MATEVA – member of the Board, CPDP


20-21 may, Kyiv


AGENDA

I. About the commission for personal data protection

II. CPDP Powers under the Law for Protection of Personal Data

III. Implementation of European legislation into the Bulgarian legal framework

IV. The structure of the Bulgarian data protection framework

V. The extend to which priorities of The Commission for 2911 have been HAVE BEEN

VI. Objectives and priorities for 2012


20-21 may, Kyiv



The Commission for Personal Data Protection is the

supervisory authority of the Republic of Bulgaria. It

undertakes the protection of individuals in processing of

their personal data and in providing access to those data,

as well as control on compliance with the Law for Protection

of Personal Data. The Commission for Personal Data

Protection was first established by decision of the

Parliament dated 23 May, 2002.


20-21 may, Kyiv



The Commission for Personal Data Protection is an

independent, jointly governed authority and consists of a

Chairperson and Four members. The Members of the

commission and its Chairperson are elected by the

Parliament by proposal of the Council of Ministers for a

term of 5 years, and they may be re-elected for another

mandate.

On 19 December 2007 the second office of the Commission

was elected.


20-21 may, Kyiv


II. CPDP Powers under the Law for Protection of

Personal Data

1. Analyze and monitor compliance with the legal framework in the field of personal data protection

2. Keep a register of personal data controllers and the personal data registers kept by them;

3. Inspect personal data controllers in connection with its activities

4. Give opinions and issue permissions in the cases provided for in the Law

5. Issue compulsory instructions to data controllers in connection with personal data protection


20-21 may, Kyiv



Personal Data

6. Suspend, upon prior notification, any personal data processing that violates the provisions for personal data protection

7. Handle complaints against acts issued or any actions of data controllers, which violate the rights of individuals under this Law, as well as third parties’ complaints in relation to their rights under this Law

8. Participate in drawing up and obligatory issuing of opinions with regard to draft laws and regulations in the field of personal data protection

9. Issue subordinate legal acts in data protection field


20-21 may, Kyiv



Personal Data

10. Participate in the activities carried out by the international organizations on the matters of its competence

11. Participate in the negotiations and conclusion of bilateral or multilateral agreements on matters of its competence

12. To organize and coordinates the training of personal data controllers in the personal data protection filed


20-21 may, Kyiv


III. Implementation of European legislation into the

Bulgarian legal framework

•Convention for the Protection of Human Rights and Fundamental Freedoms, ratified on July 31st 1992

• Convention № 108 of the Council of Europe on the protection of individuals with regard to automatic processing on personal data, ratified in 2002

•The Directive 95/46/ЕC of the European Parliament and the Council, introduced into the national legislation by the Law for Protection of Personal Data


20-21 may, Kyiv


IV. The structure of the Bulgarian data protection

framework

•The Law for Protection of Personal Data, first adopted in 2002

•The Rules on the activity of the Commission for personal data protection and its administration

•Ordinance № 1 dated 7 February 2007 on the minimal level of technical and organizational measures and the admissible type of personal data protection

In 2011, the process of transposition into the Bulgarian legislation of Framework Decision 2008/977/JHA on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters was completed.


20-21 may, Kyiv


V. The extend to which priorities of The Commission for

2011 have been•The main priority of the Commission was to increase the awareness of the individuals concerning their rights in the personal data protection field

•Another priority set out in 2011 and accomplished in 2012 was the strengthening of the bilateral cooperation with other relevant supervisory authorities

•The third priority in the activity of the Commission in 2011, was to actively participate in the work of European institutions and the development of rules, requirements and higher personal data protection standards

•The final objective of the Commission was focused on the obligations arising out from the Law on Electronic Communications


20-21 may, Kyiv


VI. Objectives and priorities for 2012•Participation in activities related to the European data protection reform

•Continuation of our information and educational activities on various aspects and among different target groups in society

•Research on the particular needs of data controllers for training in the data protection filed

•An important priority for the Commission in 2012 is related to the new powers conferred to CPDP with the latest amendments to the Law on Personal Data Protection in 2010 and 2011

•To build up e-Government, the Commission considers that the electronic services it provides to citizens could be considered part of the E-government of the country


20-21 may, Kyiv


COMMISSION FOR PERSONAL DATA

PROTECTION

15, Acad. Ivan Geshov blvd.

1431 Sofia

BULGARIA

• tel.: +359 2 915 35 18• fax: +359 2 915 35 25• e-mail: [email protected]• www.cpdp.bg

MARIYA MATEVA – MEMBER OF THE BOARD

Documents

COMMISSION FOR PERSONAL DATA PROTECTION 14 TH Meeting, CEEDPA 20-21 may, Kyiv