This section contains International Conventions and Treaties related to privacy and data protection applicable within the Union and/or binding upon the EU Member States, and relevant acts and documents.
UN Conventions and Resolutions
UN General Assembly, The right to privacy in the digital age (Appointment of a UN Special Rapporteur on the right to privacy), Human Rights Council (69th session), A/HRC/28/L.27, 24 March 2015
http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/28/L.27
UN General Assembly Resolution on the right to privacy in the digital age, 68th session, A/RES/68/167, 18 December 2013
http://www.un.org/en/ga/search/view_doc.asp?symbol=A/RES/68/167
UN General Assembly, Universal Declaration of Human Rights (UDHR), (183rd Plenary meeting), A/RES/3/217, 10 December 1948 http://un-documents.net/a3r217a.htm
UN General Assembly, International Covenant of Civil Political Rights, Resolution 2200A (XXI) of 16 December 1966
http://www.ohchr.org/EN/ProfessionalInterest/Pages/CCPR.aspx
Regional Conventions
Council of Europe, Modernised Convention for the Protection of Individuals with Regard to the Processing of Personal Data (Commonly known as Convention 108), 128th Session of the Committee of Minister, Elsinore, Denmark, 17-18 May 2018
https://search.coe.int/cm/Pages/result_details.aspx?Objectld=09000016807c65bf
Council of Europe, Guidelines on the protection of individuals with regard to the processing of personal data in a world of Big Data, Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, T-PD(2017)01, Strasbourg, 23 January 2017
Council of Europe, Consolidated version of the Modernised Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Commonly known as Convention 108), September 2016
+ relevant documents connected
http://www.coe.int/en/web/data-protection/modernisation-convention108
Council of Europe, European Convention on Human Rights and Fundamental Freedoms, as amended by Protocol 14, CETS no. 194, Strasbourg, 1 June 2010
http://www.echr.coe.int/Documents/Convention_ENG.pdf
Council of Europe, Additional Protocol regarding supervisory authorities and transborder data flows to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, ETS 181, Strasbourg, 28 November 2001
Council of Europe, Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Commonly know as Convention 108), ETS 108, Strasbourg, 28 January 1981,
http://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/108
International agreements and related documents
European Commission, Report of the 21st Trade in Services Agreement (TiSA) negotiation round, 17 November 2016
http://trade.ec.europa.eu/doclib/docs/2016/november/tradoc_155095.pdf
European Commission, TiSA EU second revised offer, Schedule of specific documents and list of MFN exceptions, 21 October 2016
http://trade.ec.europa.eu/doclib/docs/2016/november/tradoc_155096.pdf
European Parliament, Resolution on the negotiations for the Trade in Services Agreement (TiSA) containing the European Parliament’s recommendations to the Commission, (2015/2233(INI)), Strasbourg, 3 February 2016
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P8-TA-2016-0041+0+DOC+XML+V0//EN
European Commission Communication, Trade for All - Towards a more responsible trade and investment policy, to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, COM/2015/0497 final, Brussels, 14.10.2015
http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52015DC0497&from=EN
European Commission implementing decision on the adequacy of the protection provided by the EU-U.S. Privacy Shield pursuant to Directive 95/46/EC of the European Parliament and of the Council, C(2016) 4176 final, Brussels, 12.7.2016
http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision_en.pdf
Annex 1 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-1_en.pdf
Annex 2 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-2_en.pdf
Annex 3 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-3_en.pdf
Annex 4 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-4_en.pdf
Annex 5 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-5_en.pdf
Annex 6 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-6_en.pdf
Annex 7 http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-7_en.pdf
European Commission, guide to the EU-U.S. Privacy Shield, http://ec.europa.eu/justice/data-protection/files/eu-us_privacy_shield_guide_en.pdf
Article 29 Working Party, opinion 01/2016 on the EU – U.S. Privacy Shield draft adequacy decision, 16/EN WP 238, 13 April 2016
Article 29 Working Party, Statement on the presentation by the European Commission of the EU-U.S. privacy shield, Brussels, 1 March 2016
European Commission, Communication on Transatlantic Data Flows: Restoring Trust through Strong Safeguards to the European Parliament and the Council, COM(2016) 117 final, Brussels, 29.2.2016
http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-communication_en.pdf
Article 29 Working Party, Statement on the consequences of the Schrems judgment, Brussels, 5 February 2016
European Commission, Communication on the Transfer of Personal Data from the EU to the United States of America under Directive 95/46/EC following the Judgment by the Court of Justice in Case C-362/14 (Schrems) to the European Parliament and the Council, COM(2015) 566 final, Brussels, 6.11.2015
114th United States Congress, US Freedom Act of 2015 – Uniting and strengthening America by fulfilling rights and ensuring effective discipline over monitoring Act of 2015, 129 STAT. 268, Public Law 114–23, 2 June 2015
https://www.congress.gov/114/plaws/publ23/PLAW-114publ23.pdf
European Commission, Communication on the Functioning of the Safe Harbour from the Perspective of EU Citizens and Companies established in the EU to the European Parliament and the Council, COM(2013) 847 final, Brussels, 27.11.2013
http://ec.europa.eu/justice/data-protection/files/com_2013_847_en.pdf
European Commission, Decision on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce pursuant to Directive 95/46/EC of the European Parliament and of the Council of 26 July 2000 (notified under document number C(2000) 2441) (Text with EEA relevance.), 2000/520/EC, OJ L 215, 25.8.2000, p.7
http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32000D0520&qid=1459699076673&from=EN
European Commission, decisions on the adequacy of the protection of personal data in third countries – Main documents
http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm
Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program, OJ L 8/11, Brussels, 13.1.2010
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:22010A0113%2801%29
Council of the European Union, Draft concerning the renewal of the TFTP Agreement between EU and US, reply to a letter from the Article 29 Data Protection Working Party, 8148/15, 23 April 2015
http://www.statewatch.org/news/2015/apr/eu-council-tftp-agreement-8148-15.pdf
European Commission, Proposal for a Council Decision on the signing, on behalf of the European Union, of an Agreement between the United States of America and the European Union on the protection of personal information relating to the prevention, investigation, detection, and prosecution of criminal offenses, COM(2016) 238 final, Brussels, 29.4.2016
http://ec.europa.eu/justice/data-protection/files/umbrella_proposal_en.pdf
European Data Protection Supervisor (EDPS), Preliminary Opinion on the agreement between the United States of America and the European Union on the protection of personal information relating to the prevention, investigation, detection and prosecution of criminal offences, Opinion 1/2016, 12 February 2016
https://edps.europa.eu/sites/edp/files/publication/16-02-12_eu-us_umbrella_agreement_en.pdf
European Commission, Fact Sheet: Questions and Answers on the EU-US data protection "Umbrella agreement", Brussels, 8 September 2015
http://europa.eu/rapid/press-release_MEMO-15-5612_en.htm
European Commission, Communication on the global approach to transfers of Passenger Name Record (PNR) data to third countries, COM(2010) 492 final, Brussels, 21.09.2010
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52010DC0492
European Commission, Agreement between the European Union and Australia on the processing and transfer of European Union –sourced passenger name record (PNR) data by air carriers to the Australian Customs Service, OJ L 213/49, 8.8.2008
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:22008A0808(01)
Council of the European Union, Decision on the signing, on behalf of the European Union, of an Agreement between the European Union and the United States of America on the processing and transfer of Passenger Name Record (PNR) data by air carriers to the United States Department of Homeland Security (DHS) (2007 PNR Agreement), 2007/551/CFSP/JHA, Brussels, 23 July 2007 and Washington, 26 July 2007
and
Agreement between the European Union and the United States of America on the processing and transfer of Passenger Name Record (PNR) data by air carriers to the United States Department of Homeland Security (DHS) (2007 PNR Agreement), OJ L 204, 4.8.2007
+
European Commission, Report to the European Parliament and the Council on the joint review of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of passenger name records to the United StatesDepartment of Homeland Security, COM(2013) 844 final, 27.11.2013
+
Joint Review, of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of passenger name records to the United States Department of Homeland Security, SEC(2013) 630 final, 27.11.2013
Council of Europe, Agreement between the European Community and the Government of Canada on the processing of Advance Passenger Information and Passenger Name Record Data, OJ L 86/19, 24.3.2006
http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:22006X0324(01)&from=EN
European Commission, Model Contracts for the transfer of personal data to third countries
http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm
International acts and documents
Organisation for Economic Co-operation and Development (OECD) documents
OECD, Recommendation of the Council on Consumer Protection in E-commerce, C(2016)13, Paris, 24 March 2016 http://dx.doi.org/10.1787/9789264255258-en
OECD, OECD Privacy Framework, 2013
http://www.oecd.org/sti/ieconomy/oecd_privacy_framework.pdf
OECD, Privacy Expert Group Report on the Review of the 1980 OECD Privacy Guidelines, OECD Digital Economy Papers, No. 229, OECD Publishing, 30 August 2013
OECD, Council Recommendation on Principles for Internet Policy Making, Paris, 13 December 2011 http://www.oecd.org/sti/ieconomy/49258588.pdf
OECD High level Meeting, The internet economy: Generating innovation and growth, Paris, 28-29 June 2011 http://www.oecd.org/internet/innovation/48289796.pdf
OECD, Seoul Declaration for the Future of the Internet Economy, Seoul, Korea, 17-18 June 2008
http://www.oecd.org/sti/40839436.pdf
International Conference of Data Protection & Privacy Commissioners (ICDPPC) documents
International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on International Enforcement Cooperation, Marrakesh, 18 October 2016
International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Transparency Reporting, Amsterdam, 27 October 2015
https://icdppc.org/wp-content/uploads/2015/02/Resolution-on-Transparency-Reporting.pdf
International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Big Data, Republic of Mauritius, Fort Balaclava, Mauritius, October 2014
https://icdppc.org/wp-content/uploads/2015/02/Resolution-Big-Data.pdf
International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Enforcement Cooperation, Fort Balaclava, Mauritius, October 2014
https://icdppc.org/wp-content/uploads/2015/02/ResolutionInternational-cooperation.pdf
International Conference of Data Protection & Privacy Commissioners (ICDPPC), Resolution on Privacy in the Digital Age, Fort Balaclava, Mauritius, October 2014
https://icdppc.org/wp-content/uploads/2015/02/Resolution-Privacy-in-the-digital-age.pdf
International Conference of Data Protection & Privacy Commissioners (ICDPPC), Mauritius Declaration on the Internet of Things, Fort Balaclava, Mauritius, 14 October 2014
https://icdppc.org/wp-content/uploads/2015/02/Mauritius-Declaration.pdf
International Conference of Data Protection & Privacy Commissioners (ICDPPC), Global Cross Border Enforcement Cooperation Arrangement, October 2014
Other documents
Global Privacy Enforcement Network (“GPEN”), 2014 Global Privacy Enforcement Network (GPEN) Annual Report 2014, 1 April 2015
https://www.privacyenforcement.net/node/513
World Summit on the Information Society (WSIS), WSIS + 10 outcome document, Geneva, June 2014
http://www.itu.int/net/wsis/implementation/2014/forum/inc/doc/outcome/362828V2E.pdf