Feeds

Commission defends data protection review timetable

Long wait for new law

Beginner's guide to SSL certificates

The European Commission has confirmed that it will publish its plans for a review of the Data Protection Directive this year, but will not publish the proposed new law itself until next year.

French data protection authority the CNiL said last week that pressure from national data protection regulators has pushed the Commission's plans back by a year, with a proposal due to be published towards the end of 2011 rather than the end of 2010.

While a Commission spokeswoman said that this timetable was accurate she said that the CNiL had "given the story a 'spin'", and that the Commission had only committed to a review before 2012.

"Commissioner Reding in her answers to the European Parliament before taking up mandate clearly stated that the review of the data protection acquis [body of law] is planned for the first part of her mandate, i.e. 2010-2012," said the spokeswoman.

"The European Commission will outline its plans before the end of the year," she said. "This will be the first step for a legislative proposal that will then follow in the course of the next 10 months."

The CNiL said that the postponement was the result of pressure from national privacy watchdogs who saw a previous timetable as unrealistic. The spokeswoman said, instead, that the Commission was taking time to take into account the results of a public consultation which received 160 responses.

"The revision will be done in very close cooperation with the national data protection authorities because they are the ones who have to enforce EU data protection rules in their countries," she said. "That is why it is so important to be in constant dialogue with them and hear their views. The Commission carried out a public consultation on the review to which national data protection authorities have contributed too."

The spokeswoman said that the process could not be a short one because the changes that EU Commissioner Viviane Reding wants to make are significant.

"Commissioner Reding envisages it as a bit more than simply 'an amendment'," said the spokeswoman. "It is rather an overhaul because the idea is to integrate data protection for law enforcement purposes into the new framework."

Before the passing of last year's Lisbon Treaty, which overhauled the legal basis of the EU, the law was divided into different sections, called 'pillars', and EU law was less powerful and less extensive in areas of policing and justice.

Data protection laws for policing and justice activities must now be moved into the mainstream in a way that was not possible under the old 'pillar' structure. This, said the spokeswoman, is a major change.

"Currently data protection for law enforcement purposes is a Framework Decision, a so-called (former) 'third pillar instrument', which cannot be enforced by the Commission [or reviewed by] the European Court," she said. "Commissioner Reding plans to integrate this instrument into the new framework and make it therefore enforceable by the Commission. It will therefore most probably be one single but comprehensive instrument."

Reding told national data protection regulators last month that EU data protection laws needed to be tied more closely to the Directive itself.

"One of the main concerns expressed by businesses in the recent consultations is the lack of harmonisation and the divergences of national measures and practices implementing our 1995 [Data Protection] Directive," she said. "It is therefore clear that we need to provide further harmonisation and approximation of data protection rules at EU level."

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Choosing a cloud hosting partner with confidence

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.