Reding tells MEPs to fast-track data protection reforms
By Benjamin Fox
EU commission Vice-President Viviane Reding on Wednesday (28 March) urged MEPs to back her proposals to overhaul the EU Data Protection law, saying that citizens and businesses "can't wait two years for adoption."
Speaking at a meeting of the EU parliament's 'Privacy Platform,' Reding, who presented legislation in January to revise the 1995 EU law, stated that the package, which includes a regulation and a draft directive, would "improve certainty, reduce legal fragmentation and increase trust."
Dear EUobserver reader
Subscribe now for unrestricted access to EUobserver.
Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.
- Unlimited access on desktop and mobile
- All premium articles, analysis, commentary and investigations
- EUobserver archives
EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.
♡ We value your support.
If you already have an account click here to login.
The commission claims that replacing the current regime will lead to savings for businesses of €2.3 billion a year by reducing administrative burden and assuaging public concern about data privacy. Fears about data privacy are believed to be among the main reasons why people are more reluctant to buy goods and services online.
Jan Albrecht, the German Green MEP who has been given the role of piloting the legislation through the parliament, insisted that his report would pursue a strong level of harmonisation in the data protection directive.
Unlike a regulation, where member states have to put identical rules into national law, a directive only sets out a minimum level of EU-wide standards. He added that he wanted to maintain "an open and transparent process" in the parliament's deliberations on the legislative package.
The commission's proposals give individuals more control over the use of their data by private and public companies, including the 'right to be forgotten' - which would see users given the right to demand the deletion of their data. The legislation would also set up a pan-EU data protection panel.
In February, the Barack Obama administration in the US published its own white paper on data privacy in the US. IT businesses have also responded with plans to improve industry self-regulation.
Speaking at Wednesday's event, chaired by Dutch Liberal Sophia In't Veld, Peter Hustinx, the European data protection supervisor, also welcomed the Reding proposal. Hustinx, who is likely to lead the new Data Protection Board, described the reforms as "a huge step forward for data regulation" which would make data controllers "more responsible and accountable."
However, both Hustinx and Christopher Graham, the vice-chairman of the so-called Article 29 Working Party - an informal group of EU national data supervisors - criticised the commission text for being "too prescriptive" and for leaving "not enough discretion for national authorities."
Hustinx commented on the need for further work on the impact of the regulation on national law, arguing that it is unclear whether the package was designed to build on or to replace national law. He also questioned the commission's proposal to offer legal exemptions for small businesses.
Graham told the meeting that the expert group would publish its 46-page opinion on the legal framework shortly.
While giving broad support for the legislation, he also told the audience there is too much scope for the commission to use implementing acts. Implementing acts, which are also referred to as comitology decisions, allow commission officials to decide on the technical implementation of EU law without the usual levels of scrutiny by MEPs and national ministers.
National authorities would need new resources to police the regime effectively, he said and called on the EU parliament to ensure that national data authorities are not reduced to "administrative machines ticking boxes."