The comprehensive reform of the European Union’s 1995 data protection rules, which is to come into effect following the conclusion of negotiations on its implementation between European Parliament and the Council of Ministers, will unify the data protection law across European member states and ensure more effective control of people over their personal data.
Background of the reform:
Since January 2012 European Commission has been working on comprehensive reform of the EU´s data protection regulation. The Commission’s project introduces the updated version of the principles enshrined in the 1995 Data Protection Directive in order to make them relevant in the age of Big Data. Negotiations on the reform are still ongoing with an aim to reach an agreement before the end of 2014.
Main objectives of the proposed changes:
The data protection reform will not only provide more control for individuals over their personal data, but it will also cut the red tape for companies operating within the EU’s Single Market. The major changes under the proposals are focused on: reinforcing individuals’ rights, simplifying international transfers of personal data and establishingglobal standards for data protection. High level of data protection is meant to be ensured in all areas (including police and criminal justice cooperation) providing proper application of the rules.
The expected effects of the reform on the economic growth
Collected personal data is recognized to have an immense economic value that EU´s estimations expect to grow up to nearly one trillion euros annually by 2020. The aim of the reform is to realize this potential through the following innovations:
Creation of a single, pan-European law for data protection
For entrepreneurs in Spain, this means that their companies will only have one set of laws to negotiate when they trade internationally with other EU states. Replacement of the current national laws by one European law would entail benefits estimated at €2.3 billion per year.
Establishment of a One-stop-shop for business
Companies operating outside Spain will no longer have to cope with different national authorities. The reform introduces one single supervisory body, assuring easier and less expensive mechanism for companies operating within the European market. Unified regulation for all companies – regardless of the place of their establishment:
Currently Spanish entrepreneurs have to demonstrate compliance with higher data protection standards than their competitors who established companies outside of the EU. This will change with the entrance into force of the new Directive; international companies operating in Europe will have to act in accordance with the unified European rules. In order to effectively enforce the law proposed amendments enable data protection authorities to fine companies who breach the European data protection mechanisms with up to 2% of their global annual turnover.
Marta Stepanowicz & Nicolás Melchior
This article is not considered as legal advice