eu-digital-green-certificates / dgc-overview

This repository provides an overview over the EU Digital Green Certificates (DGC) project.
Apache License 2.0
209 stars 29 forks source link

GDPR DPIA as per Article 35 #37

Open umma08 opened 3 years ago

umma08 commented 3 years ago

DPIA for any Member State deployment

daniel-eder commented 3 years ago

Deutsche Telekom provided the European Commission with the necessary documents that will be used to create a DPIA template. We got confirmation from the EC today that these documents have been received and accepted, however this process is now out of our hands and up to the EC to process and forward these to the member states.

umma08 commented 3 years ago

@daniel-eder I am unsure why this is closed. so quickly?

The project, repository custodians, and Member States have an obligation to conduct development according to Data-protection-by-design-and-default principles. Each Member State will be legally required to include data protection principles along the development path. This is a requirement within Article 24 and Article 42, and so should have a specific repository in order for Member States to comply.

Do we have sight of when the template will be released to Member States?

daniel-eder commented 3 years ago

@umma08 We can re-open it, if there is need for discussion/action - just generally keeping issues closed that are not something we (as in Deutsche Telekom and everyone responsible for the technical side of the project handled in this GitHub organization) can influence to give a better overview of open todos.

At this point in the process this is something the EC needs to handle - currently there are no plans (known to us) to release these templates in a repository, however, should the EC decided to use a repository to distribute these templates we'll of course set one up accordingly.

We did not receive an ETA, however, as this is currently mainly a concern between the EC and the member states we're also not necessarily kept up-to-date about the process at all times. I'm happy to give you a ping here once we know more, but most likely the EC will get directly in touch with member state stakeholders.

umma08 commented 3 years ago

I appreciate the issue being re-opened, considering the templates are yet to be seen, will direct the transparency and accountability requirements of any deployments by Member States, and indeed direct the specific developments within Member States alongside their own DPAs.

Please notify me through this open issue when the templates become available.