The Council of Europe Committee of Ministers has adopted a new recommendation on profiling and data protection, the first text to lay down internationally-agreed minimum privacy standards to be implemented through national legislation and self-regulation. Profiling is the technique of observing, collecting and matching people's personal data online, which can now be performed easily, rapidly and invisibly with new communications technology.
Profiling techniques can benefit both individuals, the economy and society by, for instance, leading to better market segmentation or permitting an analysis of risks and fraud, However their use without precautions and specific safeguards could severely damage human dignity by unjustifiably depriving individuals from accessing certain goods or services.
The recommendation to all 47 Council of Europe member states aims at:
providing a coherent regulatory framework, which strikes a fair balance between the interests at stake. For instance, the interest of a bank to assess customer's credit risks and the interest of the customer to be informed about the profiling taking place, its purpose and the logic behind it;
ensuring effective protection of the rights of data subjects and fair procedures in situations where mass quantities of data are processed, such as through Internet searches, the use of mobile telephones or records of consumer habits. For instance, the observation of a user's clickstream to increase the effectiveness of an advertising campaign should be accompanied by appropriate information to that user;
avoiding decisions, discrimination or stigmatisation made automatically, on the basis of profiles. As a general rule, individuals should be allowed to object to any decision taken solely on the basis of profiling.
With this recommendation the Council of Europe strengthens the protection of personal data, as will also be the case with the planned modernisation of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data. Ministers of Justice meeting today in Istanbul at the 30th Council of Europe Conference of Ministers of Justice will adopt a resolution on data protection and privacy in the third millennium. This resolution aims at supporting the modernisation work launched by the Council of Europe.