Opinion of the European Data Protection
Supervisor (EDPS).
The EDPS appreciates that the regulation of the
European Parliament and of the Council on market surveillance of
products takes into account data protection issues to a certain
extent. However, he gives some recommendations on how the
Proposal could be further improved:
The EDPD particularly recommends:
- including a substantive provision to clarify that the
Proposal is not meant to provide for general derogations from data
protection principles and that relevant personal data processing
legislation remain fully applicable in the market surveillance
context;
- to amend the proposal so as to ensure that only
personal information which is strictly necessary is processed for
market surveillance purposes in the Rapid Information System
(RAPEX) and the Information and Communication System on Market
Surveillance (ICSMS), respectively;
- providing for fixed retention periods for the personal
data processed in RAPEX and ICSMS;
- maintaining the approach whereby the public is
informed about unsafe products (via the RAPEX website) without
making public personal information on economic operator(s)
responsible for those products;
- explicit substantive provisions that would at least
specify what kind of personal data may be made public and for what
purpose(s), if it is the intention of the legislator to provide for
the publication of personal information on economic
operators;
- supplementing the provisions on participation of
applicant countries, third countries or international organisations
in RAPEX, as well as on international exchange of confidential
information with explicit references to specific provisions about
personal data protection corresponding to those applicable in the
Union.