Which reform for data protection ?

March 1, 2013

Funding Scheme: 2013-03-01


The European commission collaborates with European Council and European Parliament in order to further apply reforms specialised for data protection because more entreprises are interested. European union wants also to involve citizens and NGOs in the current debate.


Today Vice-President Viviane Reding, the EU’s Justice Commissioner and Michał Boni, Minister for Administration and Digital Affairs of the Republic of Poland, met in Brussels where they reaffirmed their intention to make swift progress on the proposed EU data protection reform (see IP/12/46 and IP/13/57).

They agreed on the importance of the data protection reform for individuals and businesses. Europeans should know that their data benefits from a high level of data protection irrespective of where they are in Europe or who processes their data. A modern set of common data protection rules can strongly stimulate the development of Europe’s digital economy. Vice-President Reding and Minister Boni agreed that the data protection reform should increase legal certainty without increasing costs for businesses in Europe’s single market. That is why the Commission is working with the Council and the European Parliament on further developing the risk-based approach in the proposed data protection Regulation. Recognising the significance of the reform, they agreed on the need to continue the pan-European debate on data protection, involving citizens, businesses and NGOs.

Ahead of the Justice Council of 8 March 2013, Commissioner Reding and Minister Boni reiterated their intention to work intensively on the dossier and to support wholeheartedly the Irish Presidency of the Council in its efforts to reach an agreement on the reform.

Vice-President Viviane Reding said: “Data protection is the business model of tomorrow. Making sure that citizens have trust in the way their data is handled is in the interest of consumers and business. This is common sense. We need to create a reliable and clear legal framework so digital business can thrive. It is logical that a hairdresser should not have to comply with the same data protection obligations as a company which processes health data.”

Minister Boni said: “In our work on the data protection package, we should strike the right balance between ensuring a high level of data protection for individuals and at the same time maintaining the proper functioning of the internal market. Quality and feasibility should be at the forefront of our minds. We believe that in this work we should involve our citizens as much as possible, to hear and understand their opinions. Broad public debate is needed and this is what we are doing in Poland.”


On 25 January 2012 the European Commission proposed a comprehensive reform of the EU’s 1995 data protection rules to strengthen online privacy rights and boost Europe’s digital economy. The Commission’s proposals update and modernise the principles enshrined in the 1995 Data Protection Directive to bring them into the digital age. They include a proposal for a Regulation setting out a general EU framework for data protection and a proposal for a Directive on protecting personal data processed for the purposes of prevention, detection, investigation or prosecution of criminal offences and related judicial activities (IP/12/46).

The European Parliament rapporteurs already presented their draft reports on the reform (MEMO/13/4) and the industry committee expressed its support for the business-friendly architecture of the proposal (MEMO/13/124).

The Irish Presidency of the EU which until June is chairing and steering the Council meetings has made data protection a priority and is working hard to achieve a political agreement on the data protection reform by the end of the Irish Presidency. Next week (8 March) Justice Ministers will discuss the data protection reform and a possible risk-based approach at their Council meeting.

The Commission’s proposal already provides for a number of exemptions for SMEs (below 250 employees) for which data processing is not a core activity: for example an exemption from the need to appoint a data protection officer or the duty to put together documentation on their data processing activities. 

Url description: EUROPA

Url: http://europa.eu/rapid/press-release_MEMO-13-158_en.htm?locale=en