Legislative Observatory
European Parliament
Please fill in this field to find a procedure

Taxation: administrative cooperation

2009/0004(CNS)

OPINION OF THE EUROPEAN DATA PROTECTION SUPERVISOR on the proposal for a Council Directive on administrative cooperation in the field of taxation

The European Data Protection Supervisor (EDPS) has not been consulted as required by Article 28(2) of Regulation (EC) No 45/2001on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data. The current opinion is therefore based on Article 41(2) of the same Regulation.

Unfortunately, the EDPS has only recently become aware of the current proposal. This can be explained by the fact that awareness of data protection requirements in relation to taxation matters is still in its initial phase. The EDPS sees signs that this awareness is increasing, but emphasises that much more can and must be achieved in this respect.

The current proposal is a clear example of a lack of data protection awareness since the issue of data protection has almost completely been ignored. Consequently, the proposal contains several elements which do not comply with the applicable data protection requirements. Because of the failure to properly address the data protection impact of the proposed cooperation, the EDPS still considers it necessary to present his view on the matter. The EDPS expresses the wish that the comments set out in this opinion will still be taken into account and will foster the system of administrative cooperation to be developed in a way which respects the right to data protection of the European citizens.

In the current Opinion the EDPS has advised the legislator:

  • to include a reference to Directive 95/46/EC at least in the recitals of the proposed Directive and preferably in a substantive provision as well, stating that the provisions of the Directive are without prejudice to the national rules which implement Directive 95/46/EC;
  • to include a reference to Regulation (EC) No 45/2001 at least in the recitals of the proposed Directive and preferably in a substantive provision as well, stating that the Commission, when it processes personal data on the basis of the Directive, is bound by the provisions of Regulation (EC) No 45/2001;
  • to define more clearly the responsibility of the Commission for the maintenance and security of the CCN network and to emphasise the obligations of the Member States in this respect and to put this all in the light of requirements stemming from Directive 95/46/EC and Regulation (EC) No 45/2001;
  • as regards the data exchange between competent authorities upon request or spontaneously, to specify the kind of personal information that can be exchanged, to better define the purposes for which personal data can be exchanged and assess the necessity of the transfer, or at least assure that the necessity principle is respected;
  • to add to Article 15(1) of the proposal that processing of the information for other purposes than those referred to in Article 2 ‘is subject to the conditions set out in Article 13 of Directive 95/46/EC’;
  • to adopt a provision in which the transparency of the information exchange is addressed;
  • to make explicit in Article 23(2) that a transfer of personal data to a third country should be in conformity with the domestic rules implementing the provisions of Chapter IV of Directive 95/46/EC;
  • to include in Article 24 a fourth paragraph stating that ‘where implementing measures relate to the processing of personal data, the European Data Protection Supervisor shall be consulted’.