What is it?
In 2012, the Commission, while acknowledging that the objectives of the 1995 Data Protection Directive remain relevant, proposed a comprehensive reform of data protection rules in the EU. The data protection rules needed to be updated following the technological and social changes that had occurred in the digital environment in the intervening years.
A top priority for the Commission in 2015 is the creation of the digital single market for consumers and businesses – taking full advantage of the great opportunities provided by digital technologies, which have no borders. In order to do this, the Commission is placing particular importance on the European data protection reform.
Why is it important?
There is currently a fragmentation of the market in the online world, as the 1995 Data Protection Directive is implemented differently in the 28 European Member States. A true and efficient European digital single market will never exist if data cannot circulate freely and safely within it.
The Data Protection Regulation must safeguard citizens’ rights while creating the appropriate conditions for companies to unlock the economic value of data. These two objectives should be pursued at the same time. The new legal framework must be simple, easy to understand, technologically neutral and flexible enough to be applied to different sectors and different data processing operations.
Following the Parliament’s first reading position on the legislative package in 2014 and the Council’s general approach in June 2015, an agreement between the European Parliament, Commission and Council has been reached. The General Data Protection Regulation was published in the Official Journal in May 2016 and will be applicable as of May 2018.
We support the overall objectives of the data protection reform, including greater harmonization in the area of implementation and the concept of the ‘one stop-shop’, as well as greater consumer confidence in the online environment. However, it is not possible to have a one-size-fits all framework for data protection. We need a less prescriptive and more flexible Regulation that recognises that companies fully take into account the need to properly safeguard the personal data that they process for their customers and employees.
How we’ve been engaged
Orgalime drafted a position paper on data protection in 2014 and continues to monitor the evolution of the legislative package, which is now being discussed in ‘trialogue’ talks between the European Parliament, the European Commission and the Council.