Feeds

Commission defends data protection review timetable

Long wait for new law

High performance access to file storage

The European Commission has confirmed that it will publish its plans for a review of the Data Protection Directive this year, but will not publish the proposed new law itself until next year.

French data protection authority the CNiL said last week that pressure from national data protection regulators has pushed the Commission's plans back by a year, with a proposal due to be published towards the end of 2011 rather than the end of 2010.

While a Commission spokeswoman said that this timetable was accurate she said that the CNiL had "given the story a 'spin'", and that the Commission had only committed to a review before 2012.

"Commissioner Reding in her answers to the European Parliament before taking up mandate clearly stated that the review of the data protection acquis [body of law] is planned for the first part of her mandate, i.e. 2010-2012," said the spokeswoman.

"The European Commission will outline its plans before the end of the year," she said. "This will be the first step for a legislative proposal that will then follow in the course of the next 10 months."

The CNiL said that the postponement was the result of pressure from national privacy watchdogs who saw a previous timetable as unrealistic. The spokeswoman said, instead, that the Commission was taking time to take into account the results of a public consultation which received 160 responses.

"The revision will be done in very close cooperation with the national data protection authorities because they are the ones who have to enforce EU data protection rules in their countries," she said. "That is why it is so important to be in constant dialogue with them and hear their views. The Commission carried out a public consultation on the review to which national data protection authorities have contributed too."

The spokeswoman said that the process could not be a short one because the changes that EU Commissioner Viviane Reding wants to make are significant.

"Commissioner Reding envisages it as a bit more than simply 'an amendment'," said the spokeswoman. "It is rather an overhaul because the idea is to integrate data protection for law enforcement purposes into the new framework."

Before the passing of last year's Lisbon Treaty, which overhauled the legal basis of the EU, the law was divided into different sections, called 'pillars', and EU law was less powerful and less extensive in areas of policing and justice.

Data protection laws for policing and justice activities must now be moved into the mainstream in a way that was not possible under the old 'pillar' structure. This, said the spokeswoman, is a major change.

"Currently data protection for law enforcement purposes is a Framework Decision, a so-called (former) 'third pillar instrument', which cannot be enforced by the Commission [or reviewed by] the European Court," she said. "Commissioner Reding plans to integrate this instrument into the new framework and make it therefore enforceable by the Commission. It will therefore most probably be one single but comprehensive instrument."

Reding told national data protection regulators last month that EU data protection laws needed to be tied more closely to the Directive itself.

"One of the main concerns expressed by businesses in the recent consultations is the lack of harmonisation and the divergences of national measures and practices implementing our 1995 [Data Protection] Directive," she said. "It is therefore clear that we need to provide further harmonisation and approximation of data protection rules at EU level."

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.