Every day, organisations and platforms collect, process, and use our personal data, most often in digital form, when we purchase products or services, exchange thoughts or share photographs with friends and acquaintances on social media, search for jobs, read news, or enjoy leisure activities. The processing of personal data drives innovation and brings many benefits to individuals, authorities, and businesses, but it also entails risks that must be managed.
Today is Data protection day, an annual reminder established by the Council of Europe all of us to remember to safeguard our personal data and uphold our right to privacy.
Those risks have multiplied, owing to the development of AI technology. Huge swathes more of data is processed, creating considerable efficiencies and benefits but also increasing risks, most notably the risk of discrimination or of exposure to disinformation and manipulation. That risk has also increased owing to geopolitical transformation.
Data protection day marks when the Council of Europe opened its Convention for the protection of individuals with regard to automatic processing of personal data - known as "Convention 108" - for signature on 28 January 1981.
A world's first in data protection
The convention was the first legally binding international treaty worldwide to protect privacy in the digital age. Now, at 45 years of age, 55 countries have ratified the treaty so far, including the 46 Council of Europe member states, as well as Argentina, Cabo Verde, Mauritius, Mexico, Morocco, Senegal, Tunisia, and Uruguay. Many others have used it as a model for their legislation.
In 2018 the Council of Europe opened a protocol modernising "Convention 108" for signature. This protocol addresses the new challenges to personal data protection that have emerged since 1981. It will enter into force when 38 signatories have ratified it, hopefully in the near future.
Beatriz de Anchorena, Chair of the Council of Europe's Data protection convention consultative committee and Director of Argentina's Agency for access to public information, said: "2026 finds us at a defining moment. Accelerated digital transformation and the deployment of AI are driving strategic policy and standard-setting decisions on governance, regulation, and competitiveness, at a time of growing geopolitical change. In this evolving landscape, protecting personal data remains essential to safeguarding individual rights, democratic values, and trust in the digital environment", she added.
To mark Data Protection Day 2026, the Council of Europe will host an online event from 4 p.m. to 5.30 p.m. CET on 28 January featuring four data-protection supervisory authorities from different continents. These representatives, from member or observer states of the Council of Europe data protection convention, will present their Data protection day initiatives and livestream or channel their events as part of the celebration.
