EU Data Protection Regulation update: EU Council reaches agreement on main topics of Regulation

On June 15, 2015, Ministers in the Justice Council have sealed a General Approach on the Commission Data Protection Regulation proposal.

According to the Commission’s memo, the general approach on the Data Protection Regulation includes agreement on the following main topics:

  • One continent-one law – the Regulation will establish a single set of rules on data protection, valid across the EU. Companies will deal with one privacy law, not 28 as today.
  • ‘One-stop shop’ – companies will only have to deal with one single supervisory authority, not 28 as potentially today.
  • European rules on European soil – companies based outside of Europe will have to apply the same rules when offering services in the EU.
  • More powers for national data protection authorities – In order to effectively enforce the rules, DPAs will have the power to fine companies up to 2% of company’s global annual turnover.
  • Strengthened and additional rights, such as: (1) reinforced right to be forgotten; (ii)reinforced access data. In addition, data portability will make it easier for users to transfer personal data between service providers; and (iii) right to be informed of data breaches.

The Commission, the European Parliament and the Council intend to agree on a roadmap towards the finalization of the reform in 2015.

Memo IP/15/5176, Commission proposal on new data protection rules to boost EU Digital Single Market supported by Justice Ministers, is available at…               Open Pdf

Memo /15/5170, Stronger data protection rules for Europe is available at…              Open Pdf

For more information: Francesca Giannoni-Crystal.

Follow us on& Like us on