The European Data Protection Supervisor (EDPS) has reviewed the Council of the European Union’s proposal for a regulation focused on the welfare of dogs and cats and their traceability. This document serves to ensure market efficiency in this sector, promoting high standards of animal welfare. For professionals in data protection, the ongoing dialogue provides increased clarity on personal data processing within this regulatory framework.
Key Insights:
– Data Processing and Minimization: The proposal stipulates the collection of personal data for notification and registration of establishments. An emphasis is placed on data minimization, ensuring only necessary personal information is captured. Recommendations include providing exhaustive lists of data categories, eliminating broad terms like “at least” to prevent indiscriminate data collection.
– Database and Online Systems: The regulation introduces national and Union databases for tracing dogs and cats, integrating personal data. The EDPS highlights the need to limit data accessibility, especially through the online system that verifies market listings. These systems must conform to data protection standards under the GDPR and the EUDPR.
– Roles, Responsibilities, and Retention: There’s also a need to define explicit roles, such as designating the European Commission as a data controller. Additionally, the EDPS suggests reviewing the data retention period, especially given that a 30-year storage policy may exceed practical needs considering animal life expectancy.
– Transparency and Clarity: The proposal must clarify which personal data will appear in public lists and databases. This ensures that the regulation remains transparent and adheres to legal, data minimization principles.
Concluding Recommendations:
Data protection experts recognize the intricate relationship between data processing and privacy rights within regulatory proposals like this one. Recommendations moving forward include establishing detailed lists of data collection categories, explicitly appointing data responsibilities, re-evaluating retention times, and ensuring the Commission consults with the EDPS for any implementing acts impacting personal data rights. These steps will fortify the legal clarity and ensure robust data protection practices in the regulation’s implementation.
For more detailed information, refer to the original source: (https://www.edps.europa.eu/system/files/2024-11/2024-0654_opinion-signed-ts_en.pdf).