OPINION OF THE EUROPEAN DATA PROTECTION
SUPERVISOR
on the Commission
proposal for a Regulation of the European Parliament and of the
Council
on simplifying the
transfer of motor vehicles registered in another Member State
within the single market.
This Opinion describes the relevance of data
protection in the context of vehicle re-registration, as
well as a few further recommendations on specific data protection
aspects that govern the exchanges of data amongst national
motor vehicle registers.
Before the adoption of the Proposal, the EDPS was
given the opportunity to provide informal comments. He welcomes (i)
the fact that most of these comments have been taken into account
in the Proposal and (ii) the fact that the specific list of data
that may be exchanged amongst vehicle registration authorities has
been clearly defined in Annex I of the Proposal.
The EDPS further recommends to:
- specify in Annex I the reasons for the
destruction in predefined fields to choose
from,
- make clear that
the obligation for a motor vehicle registration authority to
gather the information in Annex I from another competent
authority and to transfer the data to its own register can only
apply to data that the recipient competent authority would be
authorised to process pursuant to EU law and/or its national
law,
- add that vehicle
registration authorities should make easily accessible to the
public the rules governing the processing of data in the
context of the re-registration of vehicles, which should include
information on time limits for retention as well as the necessary
information foreseen in Articles 10 and 11 of Directive
95/46/EC,
- clarify in the
Proposal what is the software application mentioned in Annex
II which will be used for the electronic exchanges of data, and
what would be the role of the Commission, if any, in facilitating
the interoperability between national registers,
- ensure that, if
data are exchanged amongst national vehicle registration
authorities through an existing pan-European infrastructure,
they are appropriately segregated from other data that may be
exchanged therein,
- add that the Commission should evaluate regularly
the adequacy of the security measures, taking into account
technological developments and the evolution of risks and that it
should update the security measures where
necessary.