EU Data Protection Reform – Are we nearly there yet? In a word, no.
The EU’s plans for an overhaul of data protection laws have suffered yet another set-back. After much speculation from commentators that the June 2014 deadline was unrealistic, the EU Justice Commissioner Viviane Reding finally conceded in a speech at a meeting of EU justice and home affairs ministers in Athens last week that the draft Data Protection Regulation will not be agreed during the current term of the EU Parliament.
This most recent delay has been caused by EU ministers failing to reach agreement before starting negotiations with the EU Parliament and the Commission. The draft Data Protection Regulation was first published by the European Commission in January 2012 and has proved to be one of the most controversial proposals ever to come out of Brussels, with over 4000 amendments proposed to the Commission’s original draft.
New timetables have been proposed and Viviane Reding has made some optimistic statements that there will still be a new data law by the end of the year. However, the reality is that we will have to wait and see how discussions regarding the draft Regulations progress following the forthcoming parliamentary election season. There currently remain fundamental differences among Member States and some significant changes of approach will be needed if a consensus is going to be reached.
The UK is currently calling for the proposals to be watered down and for the Regulation to become a Directive, giving each Member State the opportunity to interpret the requirements in a way which best suits them when adopting the Directive into national law. However, this approach is unlikely to be welcomed by international businesses looking for consistency regarding the application of data protection legislation cross Europe.
The one consensus which appears to exist among Member States is the acknowledgement that a change of some description to the current data protection regime is required. In the UK, the core data protection legislation has been in force since 1998 and is outdated and often incompatible with the technological advances which have been made in the last 16 years. Updated legislation, which reflects the world in which businesses are now operating and the advances which are likely to occur over coming years, is likely to be welcomed by all, but only if it is clearly drafted, thoughtful and well-reasoned. No one wants another piece of hastily constructed legislation which raises more questions than it answers. We’ve already got the cookies legislation for that!