September 3, 2009


1. The Council of Europe (CE) Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data;

2. The Organization for Economic Cooperation and Development (OECD) Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data;

3. European Union’s Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data (Data Protection Directive);

Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data

Date of release:28th January 1981.
Organizer:Council of Europe.
Objective:Article 1

“Object and Purpose”

The purpose of this convention is to secure in the territory of each Party for every individual, whatever his nationality or residence, respect for his rights and fundamental freedoms, and in particular his right to privacy, with regard to automatic processing of personal data relating to him ("data protection").”

This convention also provided that those who wanted to be a member of this convention must abide with the requirments needed that is ensuring that their national legislation contains these basic principles in respect of the personal data of every individual on their territory. However, having that as the requirment for being a member state to the convention resulted few problems, which are:

a. if the party of origin offers a higher level of protection of the personal data than the receiving party;

b. if the transfer of data is to a third state not party to the convention.

In 1992 the Consultative Committee of the Convention for the Protection of individuals with regard to Automatic processing of Personal Data elaborated a Model Contract which is used extensively by private operators in order to facilitate transborder flows of data between states which do not ensure equivalent protection of data,.

In order to adapt the general principles set out in the convention to the specific requirements of various sectors of activity in society, a number of recommendations dealing with the following subjects have been adopted by the Council of Europe:

(a) medical databanks (1981);
(b) scientific and other statistical research (1983);
(c) direct marketing (1985); social security (1986);
(d) police records (1987);
(e) employment data (1989);
(f) financial payments and related transactions (1990);
(g) communication of data to third persons by public institutions (1991);
(h) protection of personal data in the field of telecommunications, in particular telephone services (1995);
(i) the protection of medical and genetic data (1997);
(j) the protection of personal data collected and processed for statistical purposes (1997) and for the protection of privacy on the Internet (1999).