Automatic processing of personal data

A convention to protect individuals' rights

The centralisation of information through the computerisation of various records has made the right of privacy a fundamental concern for the Council of Europe.

The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, reconciles the free flow of information with privacy and data protection concerns.

It provides safeguards concerning the fair and lawful collection and automatic processing of data, imposes strict conditions on the use of information and gives guarantees of information and access for the individuals whose data are being processed.

It remains the first and only binding international legal instrument with a worldwide scope of application in this field and is open to any country, including those which are not members of the organisation.

In recent years, the team of experts which forms the Convention's monitoring committee (the T-PD) has taken note of concerns over the use of biometric techniques, smart cards and videosurveillance and produced guidelines on the application of data protection principles to these technologies.

The possible “interlinking” of state information reservoirs with those of non-governmental agencies such as banks, insurance companies and airlines is another challenge. The growing transfer of information across borders via the internet has also raised questions about the rise of ‘profiling,' the risks children face when surfing the internet and the emergence of a “surveillance society.”

Henceforth, the Monitoring Committee will keep a watchful eye on all of these questions.


Belgrade, 08.11.2013 – Ministers responsible for Media and Information Society from the 47 Council of Europe member states have called today for adequate and effective guarantees against abuse concerning the growing technological capabilities for electronic mass surveillance. This abuse “may undermine or even destroy democracy”, they said.

In a political declaration adopted at the conference “Freedom of Expression and Democracy in the Digital Age: Opportunities, rights, responsibilities”, which has been held in Belgrade this week, the ministers recall that any data collection or surveillance for the protection of national security must be done in compliance with human rights requirements, including the European Convention on Human Rights. They also adopted three resolutions mapping out the future work of the Council of Europe in the field of freedom of expression.

The ministers note that freedom of expression and media freedom are threatened today in various parts of Europe, and call on states for political commitment and greater efforts to protect them. With regard to the growth of hate speech in Europe, they underline the need for action both at national and international level. (more...)

28 January - Data protection Day

The aim of Data Protection Day, which is marked on 28 January each year, is to give citizens an opportunity to understand what kind of data about them is collected and processed, why this is done, and what rights they have in respect of such processing. It is also an opportunity for them to become more aware of the inherent risks associated with the unlawful use or clandestine processing of their personal data.

Latest news

  • Council of Europe points to the Data Protection Convention as global standard

    At the 33rd international conference of data protection and privacy commissioners, Mexico City, 2-3 November 2011, the Council of Europe pushed for global recognition of its Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS n° 108) as the only practicable and ready-made option for global privacy standards. “Everyone has a right to privacy. Everyone has the right to control the collection, use and disclosure of information about him or her. This right is the foundation of other freedoms and liberties that define open societies, in particular freedom of expression,” said Maud de Boer-Buquicchio, Deputy Secretary General of the Council of Europe. (more...)

  • Conference in Vienna: "Our Internet - Our rights, Our freedoms"

    A high level conference organised by the Council of Europe and the Federal Ministry of European and International Affairs of Austria on the theme “Our Internet – Our rights, Our freedoms” took place in Vienna on 24 and 25 November 2011. Council of Europe member states, the private sector, parliamentarians, civil society and the Internet community looked for ways to give better protection to human rights, democracy and the rule of law online:

    - What are the legal standards needed to protect privacy online effectively?

    - How can interference or harm to the Internet affect rights such as freedom of expression and information?

    - What are the next steps in fighting cybercrime?

    - How should children be empowered to use the Internet safely?

    - How can users be empowered to exercise their rights?

    -Conference website

  • Council of Europe adopts recommendation on profiling and data protection

    Council of Europe adopts recommendation on profiling and data protection The recommendation, which was adopted by the Committee of Ministers on 25 November 2010, is the first text to lay down internationally-agreed minimum privacy standards to be implemented through national legislation and self-regulation. Profiling allows observing, collecting and matching people’s personal data online, from which can benefit both individuals, and the economy and society. However their use without precautions and specific safeguards could severely damage human dignity. (more...)

  • Justice Ministers look to the protection of data and privacy in the third millennium

    At the occasion of the Council of Europe Conference of Ministers of Justice, which took place in November 2010 in Istanbul (Turkey), ministers invited the Committee of Ministers to consider data protection as a priority for the Council of Europe’s future work

2013 edition

As it has been the case for the past years, the Council of Europe has decided on the occasion of Data Protection Day to join forces with one of the key European actors in the field of data protection, the annual international “Computer, Privacy and Data Protection Conference” (CPDP). This event is organised every year in Brussels prior to the Data protection day celebrations.

The theme of the 6th Edition of that CPDP International is “Reloading Data Protection” and the event will be held on 23-25 January 2013.

The Council of Europe will be holding a specific session in the framework of this Conference, which will take place in morning of 25 January, on data protection developments in Latin America. The panel will provide a first-hand and topical overview of the variety of options retained, as well as difficulties faced, in Latin America, considered lately as the fastest data protection normative region of the world.

Reference website