Romania is one of the European countries who have implemented electronic passports, which also include biometric data (facial image and fingerprints of the holder) in an electronic chip. The Romanian authorities never published any privacy impact assessment or security audit on the IT systems they are using and didn't publish any technical details, always claiming that it is fulfills "the best standards on biometric passport".
A timeline towards the publication of the new EU General Data Protection Regulation is a crucial factor for companies looking for EU wide data protection compliance and perhaps new opportunities of data processing. The current activities of the respective committee give an idea of when the harmonised set of rules will be applicable in the member states.
The 29 Working Party has recently adopted an opinion on which the concept of purpose limitation is deeply analysed. The key of purpose limitation is its goal: “protect the data subjects by setting limits on how controllers are able to use their data” and that’s how it is and should be connected with Big Data and Open Data in order to deal with the privacy risks they raise.