OPEN LETTER TO MEMBERS OF THE EUROPEAN PARLIAMENT
OPPOSING THE NOMINATION OF JOAQUÍN BAYO DELGADO TO
THE POST OF EU DATA PROTECTION SUPERVISOR

30th May 2003

We are surprised to learn that the Parliamentary Committee on Citizens’ Freedoms and Rights, Justice and Home Affairs on May 20 voted Joaquín Bayo Delgado as primary candidate for the post of "Data Protection Supervisor" for Europe. We believe that it is in the best interests of the rights of citizens of the EU that the post should be filled by a person with more relevant experience.

This post carries extensive responsibilities, including oversight of the Schengen Information System and coordination of all data protection involving First Pillar EU institutions. Privacy International, together with our colleague organisations in civil liberties throughout Europe, believe the role of Supervisor will be crucial to the future protection of citizens’ rights in Europe. Indeed the European Parliament in decision No 1247/2002/EC accords the position as having parallel status to the Ombudsman.

Privacy and Data Protection are complex issues requiring a high degree of sensitivity and wisdom. We believe that in selecting this candidate the Committee has failed to recognise these requirements. Privacy and Data Protection are under unprecedented stress throughout the world, and any supervisory role in this field should reflect the concerns that citizens’ rightly have about the fragile future of this fundamental right.

Data Protection and the related issues intersecting with the protection of privacy under Article 8 of the European Convention on Human Rights require an extensive awareness of more than two hundred core areas of information activity. These include communications data retention, export of data to non EEA areas, visual surveillance, communications interception, citizen identification requirements, information sharing and data matching, data mining, direct marketing, health information systems, law enforcement use of data, financial systems, employee monitoring, “cybercrime” issues and freedom of information. The exercise of this function therefore requires considerable specialist experience.

This is an important and challenging time for a Regulator. In the past few months, the EU has adopted a new Directive on the privacy of electronic communications and is reportedly examining a regulation on data retention. It has negotiated a controversial agreement to share personal information on air travellers with the United States and has been reviewing the 1995 Data Protection Directive. Anti-terrorism initiatives have also created unprecedented threats to personal privacy and data protection.

The function and duties (Article 46 of Regulation No 45/2001) and powers (Article 47 of Regulation No 45/2001) of the Data Protection Supervisor are crucial to the functioning of data protection and to the protection of rights under Article 8 of the European Convention on Human Rights. Having some basic knowledge of the current and previous professional responsibilities of Mr Bayo Delgado we have grave concerns that his lack of experience will seriously limit his ability to fulfil these complex functions in a manner consistent with the highest standards of data protection.

We should also draw to your attention our long-standing concern that the management of Data Protection increasingly requires exceptional and extensive knowledge of technology. Invasion of privacy rights frequently occurs as a result of application of new technologies. However, the protection of rights can also be achieved by ensuring the application of verifiable and reliable technical means. We believe that the role of Data Protection Supervisor is best served by a candidate with broad experience both of technology and law.

In making this statement we do not wish to cast aspersions on the character, ability or the reputation of Mr Bayo Delgado. However, we cannot understand how a candidate with no experience or publicly stated interest in Data Protection can be nominated for this post over many eminently qualified candidates. To the best of our knowledge Mr Bayo Delgado is unknown to any privacy or data protection advocate in Europe, nor has he written or spoken about the subject it in any public presentation.

We understand that following negotiations with the Council, the appointment will be decided by the Committee on Citizens’ Rights on June 2nd before being considered by Parliament's Conference of Presidents.

The short-list of candidates being presented to the Council contains individuals with the background, skills and motivation necessary for this important post. Privacy International urges the Council and the Committee on Citizens’ Rights to overturn the nomination and to select a candidate who is capable of representing the rights and interests of European citizens.

Yours faithfully

Simon Davies
Director
Privacy International

(1) Function and duties (Article 46 of Regulation No 45/2001) and powers (Article 47 of Regulation No 45/2001) of the Data protection Supervisor