CYIL vol. 9 (2018)

CYIL 9 ȍ2018Ȏ PROTOCOL MODERNISING THE CONVENTION FOR THE PROTECTION OF INDIVIDUALS… PROTOCOL MODERNISING THE CONVENTION FOR THE PROTECTION OF INDIVIDUALS WITH REGARD TO AUTOMATIC PROCESSING OF PERSONAL DATA – TOWARDS A SINGLE REGULATORY FRAMEWORK IN EUROPE AND BEYOND? Emil Ruffer 1 Abstract: The aim of this article is to describe the process that led to the so far most ambitious modernisation of the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS No. 108). The article first looks at the difficult negotiations of the Protocol amending the Convention in the Committee of Ministers of the Council of Europe, and then provides an overview of the main elements of the amendments to the Convention and focuses particularly on its relationship to the EU legal framework. Finally, it elaborates on some modalities of the signature, ratification / accession and entry into force of the Protocol and explores the universal potential of the modernised Convention beyond the European continent. Resumé: Cílem tohoto článku je popsat proces, jenž vedl k dosud nejambicióznější mo- dernizaci Úmluvy Rady Evropy o ochraně osob se zřetelem na automatizované zpracování osobních dat (ETS č. 108). Článek se nejprve zabývá obtížným vyjednáváním o protokolu pozměňujícím Úmluvu ve Výboru ministrů Rady Evropy a poté poskytuje přehled nejdů- ležitějších změn Úmluvy a zaměřuje se zvláště na její vztah k právnímu rámci EU. Nakonec jsou rozpracovány některé modality podpisu, ratifikace / přistoupení a vstupu v platnost Protokolu a je zkoumán celosvětový potenciál modernizované Úmluvy za hranicemi evrop- ského kontinentu. KeyWords : Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, Protocol amending the Convention, personal data protection, right to privacy, transborder flows of data, supervisory authority, Council of Europe, Committee of Ministers, European Convention on Human Rights, European Court of Human Rights, European Union, Court of Justice of the European Union, General Data Protection Regulation (GDPR). About the Author: JUDr. Emil Ruffer, PhD. was born in Prague in 1974. Graduated from the Charles University, Faculty of Law, in 2001. He also read English and American Literature at the Charles University, Faculty of Arts. From 1996 to 1997 he studied European Law and Politics at the Cardiff Law School under the Tempus (PHARE) programme; for the academic year 2000-2001 he received Sasakawa Young Leaders Fellowship for studies of European and International Public Law at the Humboldt University in Berlin. In 2007 he received Ph.D. from the Charles University, Faculty of Law upon completing research in the area of legal aspects of EU external relations, which is one his fields of specialisation. In 2011 he spent 6 months as a Visiting Fulbright Scholar at Fordham Law School in New York. He has been working in the EU Law Department of the Ministry of Foreign Affairs of 1 The author is the Permanent Representative of the Czech Republic to the Council of Europe. However, the opinions expressed in this article are solely those of the author and do not necessarily correspond with the official position of the Ministry of Foreign Affairs of the Czech Republic and do not bind this institution in any way. I am grateful to my colleague, Mr Jiří Šlais, for his valuable comments and observations.

143