On June 15, 2015, Ministers in the Justice Council have sealed a General Approach on the Commission Data Protection Regulation proposal.
According to the Commission’s memo, the general approach on the Data Protection Regulation includes agreement on the following main topics:
- One continent-one law – the Regulation will establish a single set of rules on data protection, valid across the EU. Companies will deal with one privacy law, not 28 as today.
- ‘One-stop shop’ – companies will only have to deal with one single supervisory authority, not 28 as potentially today.
- European rules on European soil – companies based outside of Europe will have to apply the same rules when offering services in the EU.
- More powers for national data protection authorities – In order to effectively enforce the rules, DPAs will have the power to fine companies up to 2% of company’s global annual turnover.
- Strengthened and additional rights, such as: (1) reinforced right to be forgotten; (ii)reinforced access data. In addition, data portability will make it easier for users to transfer personal data between service providers; and (iii) right to be informed of data breaches.
The Commission, the European Parliament and the Council intend to agree on a roadmap towards the finalization of the reform in 2015.
For more information: Francesca Giannoni-Crystal.