Feeds

Commission defends data protection review timetable

Long wait for new law

The Power of One Infographic

The European Commission has confirmed that it will publish its plans for a review of the Data Protection Directive this year, but will not publish the proposed new law itself until next year.

French data protection authority the CNiL said last week that pressure from national data protection regulators has pushed the Commission's plans back by a year, with a proposal due to be published towards the end of 2011 rather than the end of 2010.

While a Commission spokeswoman said that this timetable was accurate she said that the CNiL had "given the story a 'spin'", and that the Commission had only committed to a review before 2012.

"Commissioner Reding in her answers to the European Parliament before taking up mandate clearly stated that the review of the data protection acquis [body of law] is planned for the first part of her mandate, i.e. 2010-2012," said the spokeswoman.

"The European Commission will outline its plans before the end of the year," she said. "This will be the first step for a legislative proposal that will then follow in the course of the next 10 months."

The CNiL said that the postponement was the result of pressure from national privacy watchdogs who saw a previous timetable as unrealistic. The spokeswoman said, instead, that the Commission was taking time to take into account the results of a public consultation which received 160 responses.

"The revision will be done in very close cooperation with the national data protection authorities because they are the ones who have to enforce EU data protection rules in their countries," she said. "That is why it is so important to be in constant dialogue with them and hear their views. The Commission carried out a public consultation on the review to which national data protection authorities have contributed too."

The spokeswoman said that the process could not be a short one because the changes that EU Commissioner Viviane Reding wants to make are significant.

"Commissioner Reding envisages it as a bit more than simply 'an amendment'," said the spokeswoman. "It is rather an overhaul because the idea is to integrate data protection for law enforcement purposes into the new framework."

Before the passing of last year's Lisbon Treaty, which overhauled the legal basis of the EU, the law was divided into different sections, called 'pillars', and EU law was less powerful and less extensive in areas of policing and justice.

Data protection laws for policing and justice activities must now be moved into the mainstream in a way that was not possible under the old 'pillar' structure. This, said the spokeswoman, is a major change.

"Currently data protection for law enforcement purposes is a Framework Decision, a so-called (former) 'third pillar instrument', which cannot be enforced by the Commission [or reviewed by] the European Court," she said. "Commissioner Reding plans to integrate this instrument into the new framework and make it therefore enforceable by the Commission. It will therefore most probably be one single but comprehensive instrument."

Reding told national data protection regulators last month that EU data protection laws needed to be tied more closely to the Directive itself.

"One of the main concerns expressed by businesses in the recent consultations is the lack of harmonisation and the divergences of national measures and practices implementing our 1995 [Data Protection] Directive," she said. "It is therefore clear that we need to provide further harmonisation and approximation of data protection rules at EU level."

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Boost IT visibility and business value

More from The Register

next story
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.