The European Commission adopted in January 2012 a proposal for a regulation on data protection that will replace the existing Data Protection Directive. The proposed Regulation aims to better address the current online ecosystem and to provide a harmonized pan European privacy friendly online environment for users and service providers. ENISA is supporting these initiatives and published recently two new studies:
- ‘Study on data collection and storage in the EU’ examined use cases focusing on the registration to online social networking sites, on online ticket booking in the transportation sector and the collection of customer data and retention of traffic data in the telecommunications sector. Via these use cases, were examined the principle of minimal disclosure (when collecting personal data) and the principle of minimal storage period (when storing data), part of principle of proportionality which is fundamental in the European privacy and data protection legal framework. The study provides a good starting point for a pan-European view on the rules relating to the collection and storage of personal data in the European Union and on their implementation in Member States legislation.
- “Study on monetising privacy - An economic model for pricing personal information” providing an economic analysis of privacy as complementary to the legal analysis to facilitate improving our understanding of human decision-making with respect to personal data. The study analyses the monetisation of privacy. ‘Monetising privacy’ refers to a consumer’s decision of disclosure or non-disclosure of personal data in relation to a purchase transaction.
Against this background, ENISA organised a panel session held in the context of Cyber Security & Privacy EU Forum 2012 (CSP'2012). The members of the panel were the following:
- Eleni Kosta (time.lex/ICRI-KU Leuven, Belgium) -
- Harald Zwingelberg (ULD, Germany) -
- Vijay Erramilli (Telefónica I+D, S.A.U.)