Legal Alert – MEPs Vote on the EU Data Protection Package
On 21 October 2013 the European Parliaments Committee on Civil Liberties, Justice and Home Affairs (LIBE) voted on the EU Data Protection Package. The LIBE committee adopted the draft report by a huge majority, showing decisiveness to tackle the post-Snowden era challenges as referred to by rapporteur Dimitrios Droutsas in the EU press conference held on 22 October 2013. This vote was also a significant development in the process which aims to update the current EU data protection legislation before the next European elections in May 2014.
The Commissions proposal, which was originally published in the beginning of 2012, has been subject to some major amendments. For instance, the adopted draft report increases the possible sanctions for companies breaking the rules from the original 2% up to 5% of the companies annual worldwide turnover. MEPs have also amended the criteria for appointing a data protection officer. In accordance with the new version, companies which process data of more than 5,000 people per year and organisations whose core activities involve processing sensitive data or monitoring people systematically would be required to appoint a data protection officer.
Finally, the Parliament, the Council and the Commission must reach an agreement on the final version (trilogue). As outlined by rapporteur Jan Philipp Albrecht, the aim is to start the trilogue negotiations as soon as the Council has agreed upon a common position, and the Parliament will vote on the matter in April 2014.
Judging from the decisiveness and unity of the Parliament and the current scandals surrounding global data protection, we can expect that data protection matters will receive first priority in the EU. Therefore, it is still possible that the new EU Data Protection Package will enter into force in the first half of 2014.
UPDATE: On 25 October 2013 many newspapers headlined that the adaptation of the new EU data protection package has been delayed. Indeed, according to the Councils conclusions the framework shall be adopted by 2015. We here at Attorneys at law Borenius are following closely how this procedure develops and will keep you updated on the process.
For more information on Borenius Privacy and Data Protection services please visit here.