The European Data Protection Supervisor ("EDPS") adopted an Opinion yesterday on the European Commission's proposals to amend the Waste Electrical and Electronic Equipment Directive ("WEEE or "E-Waste Directive").
The EDPS pointed out the benefits of improving environmentally-friendly policies in the area of e-waste risks arising from inappropriate disposal, reuse or recycling.
Data Protection risks occur when personal data remain stored in IT and telecommunications equipment (e.g. computers, laptops) at the time of disposal or recycling. The EDPS highlighted the need for appropriate security measures at all stages of data processing, including during disposal.
Peter Hustinx, EDPS, stated: "It is important to take into account the potentially damaging effects of WEEE disposal on the protection of personal data stored in used equipment. Respect for security measures and a "privacy by design" approach should be seen as essential pre-conditions in order to effectively guarantee the right to the protection of personal data".
Included in the EDPS recommendations for legislators are the following:
· Integrate privacy and data protection into the design of electrical and electronic equipment "by default" so that users have a simple, free of charge means of deleting personal data before disposal;
· Prohibit marketing of second-hand equipment where appropriate security measures, in compliance with state-of-the-art technical standards, have not been used to erase personal data.