COE Convention

COE Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data

Published under Risk Management
Title: Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, Strasbourg, 28.I.1981
Source reference: http://conventions.coe.int/Treaty/en/Treaties/Html/108.htm
Topic: Automated data processing activities, including the export of personal data
Direct / indirect relevance Direct. The text directly prescribes an obligation to assess security measures with regard to data processing and to take the required security precautions.
Scope: Convention which is binding to the signatory states (which includes all E.U. Member States) after the entry into force of the convention, which occurred on 1 October 1985.
Legal force: Requires signatory states to provide the necessary privacy protection provisions in their national regulatory frameworks.
Affected sectors: Automated data processing activities
Relevant provision(s): Article 7 – Data security

Appropriate security measures shall be taken for the protection of personal data stored in automated data files against accidental or unauthorised destruction or accidental loss as well as against unauthorised access, alteration or dissemination.
Relevance to RM/RA: Similar to the UN Guidelines above, the COE Convention is mostly of historical importance, as a background to more recent regulation, including (if not particularly) the aforementioned Privacy Directive.

None the less, the COE Convention is a summary statement of basic principles with regard to automated data processing.

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more