• Home
  • eAlerts
  • Concerns over the EU Data Protection Reform Proposals

Concerns over the EU Data Protection Reform Proposals

Scotland
01.06.2013
Download PDF

The Information Commissioner (the IC) himself has published a letter addressed to the Justice Secretary detailing the burdens that the current Proposals would impose on data protection authorities (DPAs) and the impact that this would have on their ability to uphold information rights in practice.

Background

The Proposals, which were published in January 2012, aim to create a higher standard of data protection and promote legal harmonisation throughout the EU. Proposals include increased protection for individuals' rights, clear responsibilities on data processors and the introduction of accountability for data controllers.

However, the Proposals have received continued criticism throughout the reform process including in several responses from the UK - the report by the House of Commons Justice Committee, the response by the UK Government, the analysis published by the ICO, the report commissioned by the ICO and the recent letter from the IC. Further, the ICO's report (published last month) found that there is a lack of understanding of the Proposals across businesses, with some 40 per cent of companies admitting that they don’t fully understand any of the 10 main provisions being proposed.

The Commissioner's letter

The IC's letter details his principal concerns about how the reforms may work in practice. These concerns are widely shared by other commentators and are the areas of the Proposals that are attracting the most debate:

the emphasis on punishment and sanction at the expense of awareness raising and education;
the requirement for all data breaches to be notified to DPAs, rather than just those that pose significant risk;
the requirement for prior authorisation for international transfers where this is not required under current regime;
limited discretion for DPAs over administrative sanctions which are imposed on the basis of process failures rather than privacy risks; and
participation in a consistency mechanism that is insufficiently risk based and contains unrealistic time-limits.

The next stage of the debate

The IC is now urging the European Commission to take his comments on board and hopes that "a way can be found to finalise a data protection regime that is fit for purpose – modern and effective, and delivering for citizens, consumers, and the enterprise economy".



With 27 Member States involved in the negotiation of the Proposals, few people expect the parties to have reached an agreement by June 2013 as planned. With the European Parliament and the European Commission due for re-appointment in May 2014 however, it is hoped that the reforms will be adopted by then.



For now, the topic will remain under debate and can be followed on the ICO's website.


Search Filters

Advanced Search

Key contact

Related content

  • 25.09.2023

    Ukraine advances legislation for state support of projects with significant investments

    In recent years, Ukraine’s government has made attracting investments one of its top priorities. As part of this effort, the Parliament of Ukraine adopted the Law “On Amendments to Certain Legislative Acts of Ukraine on Implementation of Investment...
  • 21.09.2023

    Biodiversity: now a topic for companies

    Biodiversity: the variety of lifeThe term biodiversity, also known as species diversity, is understood to mean a richness of animals, plants, fungi and microorganisms. The term also encompasses the genetic diversity within the different species, the diversity...
  • 14.09.2023

    Ukraine parliament moves forward with competition law reform

    On 9 August 2023, the Parliament of Ukraine adopted the Law of Ukraine “On Amendments to Certain Legislative Acts of Ukraine on Improving the Activities of the Antimonopoly Committee of Ukraine”.This Law, a first step in competition law reform,...