Electronic invoicing in public procurement

Opinion of the European Data Protection Supervisor (EDPS) on the Commission Proposal for a Directive of the European Parliament and the Council on electronic invoicing in public procurement.

The EDPS appreciates that certain data protection issues have been taken into account in the proposal. He gives recommendations on how the proposal could be further improved:

• include a substantive provision to clarify that the Proposal is not meant to provide for general derogations from data protection principles and that relevant personal data protection legislation (i.e. national rules implementing Directive 95/46/EC) remain fully applicable in the context of e-invoicing;
• amend the proposal to ensure that: (i) the European standards to be adopted will follow a ‘privacy by design’ approach; (ii) ensure that data protection requirements are taken into account, and that; (iii) the standards will respect, in particular, the principles of proportionality, data minimisation and purpose limitation;
• include a reference to EU or national law, which should, in turn, provide appropriate safeguards should it be the intention of the legislator to provide for the publication of personal data for purposes of transparency and accountability.