COE Convention

COE Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data

Published under Risk Management
Title: Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, Strasbourg, 28.I.1981
Source reference: http://conventions.coe.int/Treaty/en/Treaties/Html/108.htm
Topic: Automated data processing activities, including the export of personal data
Direct / indirect relevance Direct. The text directly prescribes an obligation to assess security measures with regard to data processing and to take the required security precautions.
Scope: Convention which is binding to the signatory states (which includes all E.U. Member States) after the entry into force of the convention, which occurred on 1 October 1985.
Legal force: Requires signatory states to provide the necessary privacy protection provisions in their national regulatory frameworks.
Affected sectors: Automated data processing activities
Relevant provision(s): Article 7 – Data security

Appropriate security measures shall be taken for the protection of personal data stored in automated data files against accidental or unauthorised destruction or accidental loss as well as against unauthorised access, alteration or dissemination.
Relevance to RM/RA: Similar to the UN Guidelines above, the COE Convention is mostly of historical importance, as a background to more recent regulation, including (if not particularly) the aforementioned Privacy Directive.

None the less, the COE Convention is a summary statement of basic principles with regard to automated data processing.
Latest publications
Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies