Feeds

Commission defends data protection review timetable

Long wait for new law

The essential guide to IT transformation

The European Commission has confirmed that it will publish its plans for a review of the Data Protection Directive this year, but will not publish the proposed new law itself until next year.

French data protection authority the CNiL said last week that pressure from national data protection regulators has pushed the Commission's plans back by a year, with a proposal due to be published towards the end of 2011 rather than the end of 2010.

While a Commission spokeswoman said that this timetable was accurate she said that the CNiL had "given the story a 'spin'", and that the Commission had only committed to a review before 2012.

"Commissioner Reding in her answers to the European Parliament before taking up mandate clearly stated that the review of the data protection acquis [body of law] is planned for the first part of her mandate, i.e. 2010-2012," said the spokeswoman.

"The European Commission will outline its plans before the end of the year," she said. "This will be the first step for a legislative proposal that will then follow in the course of the next 10 months."

The CNiL said that the postponement was the result of pressure from national privacy watchdogs who saw a previous timetable as unrealistic. The spokeswoman said, instead, that the Commission was taking time to take into account the results of a public consultation which received 160 responses.

"The revision will be done in very close cooperation with the national data protection authorities because they are the ones who have to enforce EU data protection rules in their countries," she said. "That is why it is so important to be in constant dialogue with them and hear their views. The Commission carried out a public consultation on the review to which national data protection authorities have contributed too."

The spokeswoman said that the process could not be a short one because the changes that EU Commissioner Viviane Reding wants to make are significant.

"Commissioner Reding envisages it as a bit more than simply 'an amendment'," said the spokeswoman. "It is rather an overhaul because the idea is to integrate data protection for law enforcement purposes into the new framework."

Before the passing of last year's Lisbon Treaty, which overhauled the legal basis of the EU, the law was divided into different sections, called 'pillars', and EU law was less powerful and less extensive in areas of policing and justice.

Data protection laws for policing and justice activities must now be moved into the mainstream in a way that was not possible under the old 'pillar' structure. This, said the spokeswoman, is a major change.

"Currently data protection for law enforcement purposes is a Framework Decision, a so-called (former) 'third pillar instrument', which cannot be enforced by the Commission [or reviewed by] the European Court," she said. "Commissioner Reding plans to integrate this instrument into the new framework and make it therefore enforceable by the Commission. It will therefore most probably be one single but comprehensive instrument."

Reding told national data protection regulators last month that EU data protection laws needed to be tied more closely to the Directive itself.

"One of the main concerns expressed by businesses in the recent consultations is the lack of harmonisation and the divergences of national measures and practices implementing our 1995 [Data Protection] Directive," she said. "It is therefore clear that we need to provide further harmonisation and approximation of data protection rules at EU level."

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Secure remote control for conventional and virtual desktops

More from The Register

next story
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Uber, Lyft and cutting corners: The true face of the Sharing Economy
Casual labour and tired ideas = not really web-tastic
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.