The 28 EU member states have taken a significant step towards a historic overhaul of EU-wide data protection laws, first proposed three years ago.
The justice ministers from each state have now agreed their general approach to the legislation, which just leaves a final text to be thrashed out next week. The European Parliament has generally endorsed the plans already.
The tough new laws bring the prospect of a single digital union by creating a single set of rules on data protection across the EU, as well as strengthen the EU's "right to be forgotten" legislation. The former should make life considerably easier for EU businesses, as they will have one set of regulations to comply with instead of the current multiple versions - the EC claims this will save businesses around €2.3 billion a year.
The Guardian newspaper quoted Latvia’s minister for justice, Dzintars Rasnačs, as saying: “Today we have moved a great step closer to modernised and harmonised data protection framework for the European Union.”
The existing EU data protection regulations date back to 1995. Monique Goyens, director general of the European Consumer Organisation said to the Guardian: “EU laws are now lagging behind the pace of technologies and business practices. Our personal data is collected, then used and transferred in ways which most consumers are oblivious to. An appropriate update must put control of personal data back in the hands of European consumers.”
The Ars Technica blog quotes the new data protection legislation as tightening up considerably in the ‘right to be forgotten’ area: "When you no longer want your data to be processed, and provided that there are no legitimate grounds for retaining it, the data will be deleted. This is about empowering individuals, not about erasing past events or restricting freedom of the press."
As WLS reported back in May, of a quarter million ‘right to be forgotten’ requests made to Google alone, the search giant refused 58.7 percent on the basis that the public had the right to the information.