Pan-European Data Protection Reform on Track for 2015 Adoption (June 16, 2015)
European lawmakers will meet on June 24 to agree on a road map toward finalizing data protection reform this year. The European Commission, the European Parliament and the European Council trilogue follows yesterday’s announcement that the ministers of the EC have agreed on a general approach to the commission’s Data Protection Regulation, first proposed in 2012.
The proposal will establish a single, pan-European law for data protection—replacing the 28 laws across member states, which the commission estimates will save businesses €2.3 billion (US$2.58 billion) per year. The regulation also will require businesses to delete data at a citizen’s request, unless the business can show the data are still needed or relevant. Organizations will have to notify the national supervisory authority of serious data breaches as soon as possible (if feasible within 24 hours), so users can take appropriate measures. The regulation also would give national regulators enforcement powers to ensure that the new rules are properly applied, including the ability to impose fines of up to €1 million (US$1.24 million) or 2 percent of a company’s annual worldwide turnover. Non-European companies will be under European data protection law if they operate in the European market.