On 15 June, the Council agreed its so-called general approach on the general data protection regulation. The general approach is a negotiating mandate for the presidency of the Council in the so-called trilogue – informal discussions between the Council, the Commission and the European Parliament on the final version of the regulation. The Commission proposed this reform of EU´s data protection legislation in 2012. The package contains not only the general data protection regulation, which sets out binding EU-wide rules for handling personal data, but also a directive governing its enforcement. The EP adopted its negotiating position on both measures in March 2014. The Council spent months in technical discussions. Earlier this year the ministers finally agreed on their position towards one of the main novelties of the regulation, and one of the most controversial measures at the same time, the so-called one stop shop. Pursuant to this mechanism, in large trans-national cases a decision of one national regulator would apply also in other member states. In practice, therefore, a company with business activities in several member states would only need to abide by one single data protection regime, and not a different one for each member state. This should reduce costs of making business, while not reducing the level of personal data protection. The regulation also contains the so-called right to be forgotten, easier access to one´s data, right to portability of personal data and limits on “profiling” (automated processing of personal data used to assess e.g. personal preferences). The first trilogue concerning this regulation will be held this week. The upcoming Luxembourgish Council presidency hopes to have the general approach on the enforcement directive, being the second part of the data protection package, ready by October.
26th February 2018
9th March 2018