The Conference entitled “Public Security and Personal Data Protection” was organised by the Inspector General for Personal Data Protection and took place on 11 –12 May 2006 in Warsaw. The honorary patronage of the Conference has been taken over by the Speaker of the Diet, Mr Marek Jurek.

The invited guests – participants from all over the world, who represented the national data protection authorities, the Council of Europe, the European Commission, as well the biggest scientific entities and economic organisations in the world – discussed the form of the personal data protection in the events of the public security risks prevention.

The participants of the Conference tried to answer the question if there are any limits of the interference in privacy of a person and if yes, where are these limits if the interference is taken in the name of public security protection. Could the reason of the enlargement of the scope of information collected by the public entities about citizens be the prevention of the crime and acts of the terror?

The participants of the Conference considered the issue of the personal data collection made by the private entities who execute their obligations imposed by the rules of law. Isn’t the performing of e.g. the obligations of the banks in connection with the counteracting and fighting against financial frauds or the obligations of telecommunication services suppliers concerning the storage and making use of data, under the banner of the protection of public security, only the unnecessary interference in the privacy? Could it cause the citizens’ feeling that they are followed and kept under surveillance?

Is there a chance of a compromise between the right to feeling safety and right to privacy?

During the proceedings there were discussed the following topics:

1.The human rights and public security – a chance of the compromise?

2.The personal data protection in the sphere of freedom, justice and security. The latest events – the future activities.

3.The privacy protection in the context of the introduction of the Schengen Information System of the second generation (SIS II).

4.The processing of the sensitive data by the judiciary authorities.

5.Could the performing of the obligations of the private sector cause the arising of the “society kept under surveillance”?

6.The limits of the privacy and the public security in the context of the bank sector obligations connected with the counteracting and fighting against financial frauds.

7.The obligations of telecommunication services suppliers and the consumers privacy protection: the storage and further using of the traffic data.

The Data Protection Agency of the Community of Madrid announces the start of the third edition of contest for the best practices concerning the protection of personal data in public administration.

The prize awarded by the Data Protection Agency of the Community of Madrid is an opportunity to promote the development of the "personal data protection culture".

This initiative aims at widening the horizons and encouraging others to follow the example of the public administration entities whose practices related to the protection of personal data were acknowledged as the best. It concerns only these entities whose countries are the signatories of the Convention of the Council of Europe of 28 January 1981 for the protection of individuals with regard to automatic processing of personal data.

The best practices can refer to various aspects of the protection of personal data, such as the improvement of quality, the designing of the effective systems relating to the transfer of information on data collection to the citizens, the procedure in connection with expression of consent to process the data concerning the data subjects, the security of personal data or the obligation of confidentiality.

The conditions of participation

The Resolution dated 16 March 2006, which was published on 4 April 2006 in the Official Journal of the Community of Madrid and passed by the President of the Data Protection Agency of the Community of Madrid, proclaims the start of the third edition of the contest for the best practices relating to the protection of personal data in public administration.

• The applications in Spanish or English should be sent till 5 October 2006.
• The applications should be prepared on the basis of the appendix to the Resolution announcing the Contest.
• The applications should be sent via the regular mail or handed in personally in the seat of the Data Protection Agency of the Community of Madrid to the address: Registry of the Data Protection Agency of the Community of Madrid, Cardinal Marcelo Spinoza, numero 14, tercera planta 28016 Madrid or in any other department of the Community of Madrid. They can also be sent electronically to the e-mail address: apdcm@madrid.org
• Every participant should attach to the application a report explaining the proposed project and the way it should be implemented. It is necessary as well to attach complete documentation on the proposed project and on all other projects that were carried out earlier, as well as the detailed report concerning the projects that are introduced at the present time and their current situation.

Previous editions of the Contest

In the first two editions the prizes were awarded to:

• The Municipal Council of Victoria-Gasteiz (2004)
• Austrian Government and Commission for the Protection of Personal Data (2005)
• The second edition of the Competition was announced in 2005 and the prize was awarded to the project "The data management in the e-administration related to the protection of personal data" prepared by the Austrian Government and the Commission for the Protection of Personal Data.

Within two previous years adequately 12 and 15 institutions got the prize.

In the first year, two honourable mentions were granted- first to the University of Valencia, the second one to the Directorate General of Public Health of the Public Health Agency in Madrid.

In the next year, Rey Juan Carlos University in Madrid, the Municipal Council of Pedrosa del Principe (Burgos) and the Registration Office belonging to the Ministry of the Environment of the Community of Madrid were awarded a special honourable mention.

E-PRODAT

The best practices will be widespread within the framework of the European project "e-PRODAT- European Data Protection Best Practices in e-Government services".

The e-PRODAT project has started on 1 February 2005 and it has been planned for 24 months. One of its main goals is to create an Internet based "European e-Government data protection observatory" which will be introducing and spreading the most interesting practices in the domain of the protection of personal data and e-government.

The Data Protection Agency of the Community of Madrid is the leader of this project. It managed to gain the financial means from the European Union within the framework of the initiative INTERREG IIIC with the participation of the Estonian Data Protection Inspectorate, of the City of Bolonia and the Abruzzo Region (Italy), of the Association of Local Authorities of the Prefecture of Kavala (Greece), of Rey Juan Carlos University and the University of Patras (Greece).

The presentation of the Prize

The prizes will be presented in 2006 at the official ceremony which will take place during the Third European Seminary focusing on the best practices in the protection of personal data in public administration.

The awarded authority will obtain a certificate signed by the President of the Data Protection Agency of the Community of Madrid. They can place the information concerning the presented prize on their websites, in the headlines of their correspondence or in the official brochures for the next three years.

The criteria on the basis of which the prizes are awarded

During the evaluation of the project, the Council will take into consideration:

• The procedures applied to ensure adequate quality of the processed data.
• The effectiveness of the system providing the information service.
• The effectiveness of the method consisting in managing the consent to process personal data.
• The existence of detailed regulations and procedures referring to the processing of the sensitive data.
• The applied protective measures.
• The procedures of data transfer and data disclosure to the Third Parties.
• The propositions relating to the protection of data against Third Party's access.
• The planning and the designing of the procedures enabling to evaluate quality of work of the public administration entities and to benefit from the right to access, rectify, delete and object to the processing of personal data.
• Generally- the level of the enforcement of all the rules concerning the protection of personal data.

Additional information

More information and the application forms are available on the website www.madrid.org/apdcm (under the tuck "servicios" / "otros servicios y convocatorias"), while the Resolution of the President of the Data Protection Agency was published in the Official Newspaper issued by the Community of Madrid.


The Data Protection Agency of the Community of Madrid

Because of the increasing popularity of the information and telecommunications technologies among EU Governments and Public Administration bodies, the effectiveness and productivity of public services is higher.

The usage of these new communication tools and the provided services might constitute a risk for the privacy of EU citizens. The information and communication technologies allow to collect, process, store and transfer personal data on a large scale.

The European Law, in particular the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, the Convention of the Council of Europe No 108 of 28 January 1981 on the protection of individuals with regard to automatic processing of personal data, as well as the Charter of Fundamental Rights of the European Union state that everyone has the right to decide whether his/her personal data will be revealed and how they can be used. Various institutions guaranteeing the respect of the right to information self-determination on the national as well as the regional level, were established.

The Data Protection Agency of the Community of Madrid (APDCM) aims at widespread of "personal data protection culture" among the citizens and data controllers. In order to achieve this goal, the agency is organising conferences and information meetings (25000 people have been trained so far), is developing the active publication policy (addressed to a large audience, data controllers in public organisations and researchers on the basis of the agreement with publishing house Thomson-Civitas) and is responsible for the issue and publication of the e-magazine of 5000 readers.

Moreover, the Data Protection Agency of the Community of Madrid is supervising the project "e-PRODAT": European Data Protection Best Practices in e-Government services, which one of the main goals is to create an Internet based European e-Government data protection observatory. The Agency also supervised the project "Dataprot: aiming at self-education in terms of personal data protection.

Moreover, since 2004 the Data Protection Agency of the Community of Madrid grants the prize for the best practices in the domain of the protection of personal data in public administration in order to present on the European forum the best project designers as well as the best practices relating to the protection of personal data.

On 14 April 2005 the Article 29 Working Party adopted as the document WP 108 the Working Document Establishing a Model Checklist Application for Approval of Binding Corporate Rules.

On 14 April 2005 the Article 29 Working Party adopted as the document WP 107 the Working Document Setting Forth a Co-Operation Procedure for Issuing Common Opinions on Adequate Safeguards Resulting From “Binding Corporate Rules”.

On 18 January 2005 the Article 29 Working Party adopted as the document WP 106 report on the obligation to notify the national supervisory authorities, the best use of exceptions and simplification and the role of the data protection officers in the European Union.

On April 28, 2004 at 11 a.m. in his residence ambassador dr. Reinhard Shweppe is to decorate dr. Ewa Kulesza an order…

Following an invitation of the Inspector General for Personal Data Protection Mr Peter Johan Hustinx – the European Data Protection Supervisor paid a visit, in Warsaw on 25-26 May 2004.