July

EU justice ministers have reached a partial agreement on planned new data privacy laws, but they still disagree about how to implement them. Ministers agreed on the rules that govern international data transfers and on the territorial scope of the data protection regulation. In short, EU data protection laws will apply to non-European companies if they do business in the EU. The proposal for a Data Protection Regulation to update the old 1995 privacy directive was first put forward by EU Justice Commissioner, Viviane Reding. She said she was pleased the council of justice ministers had managed to make some headway.

The discussion at the Council of the EU in the context of the European data protection legislative reform is by no means the end of a process which is likely to carry on for at least a year, but it provided a helpful pointer as to where the policy making thinking is. One of the biggest challenges that organisations operating in the EU have faced since the 1990s is the prohibition on transfers of data to jurisdictions outside the EU without equivalent standards of data protection. The ongoing legislative reform is an opportunity to review the existing regime and bring it into line with today's data globalisation.

"The Data Protection Commissioner 's (DPC) Report for 2013 shows that while complaints were down overall, there was a marked concentration of complaints around requests for access. More than half (57%) of complaints investigated in 2013 related to difficulties gaining access to personal data held by organisations. It was a momentous year for data protection, as the full extent of the activities of U.S. and European intelligence agencies in relation to citizen data was revealed. ""This has sparked an important and welcome debate on the proper balance between national security and privacy considerations for the 21st Century,"" said the report."