Twenty years counts as an eternity in technology. Current data protection rules date back nearly two decades so an update is urgently required. Not only has technology significantly evolved, but also the way we process and use data has changed. On 11 March Parliament discusses a legislative package that will bring about more control and security online, modernising standards and introducing new rules for companies and national authorities. MEPs will then vote on the plans on 12 March.
Users are in control
Parliament decides this week on how personal data should be managed and protected in the future. The proposal foresees tougher penalties for offending companies, limits on user profiling and stronger and more independent data protection authorities. But most importantly, users would have the right to be erased and thus be "forgotten" online.
Jan Philipp Albrecht, who is responsible for steering the update of data protection rules through Parliament, said: “European businesses will know exactly what rules they have to follow, as they will not have to understand 28 different national laws." The German member of the Green group added: "Under the new rules, only the minimum amount of data that is necessary for providing a service can be initially collected. We have also introduced a new provision that will protect Europeans from access requests by foreign governments. The regulation will also massively limit the ways in which data brokers can sell our data without our knowledge or consent. Of course we will need to do some serious reforms on the way our intelligence services operate in the world after the revelations by Edward Snowden. But this is more a task for the member states.”
Putting limits on data without borders
The NSA scandal reminded everyone that security and crime fighting cannot be an excuse to abuse fundamental rights. In a separate report, Parliament will decide on rules governing cross-border data processing in police and judicial cooperation, designed to protect both domestic and cross-border transfers of data.
Dimitrios Droutsas, a Greek member of the S&D group who is responsible for steering this proposal through the EP, said: "The data protection directive, if approved, will bring significant improvements to the processing of personal data by police and judicial authorities in criminal matters. We, as the European Parliament, need to safeguard our citizens' rights without sacrificing the ability of the police to fight crime."
Unauthorised surveillance comes at a cost
The Parliament will also vote on the conclusion of a six-month investigation by the civil liberties committee into the mass surveillance of Europeans. The report contains recommendations to prevent further breaches and improve the IT security of EU institutions.
The negotiations with the Council will start as soon as EU countries agree on their own negotiating position. The Parliament's aim is to reach an agreement on this major legislative reform before the end of 2014.
For more on data protection reform, videos, interviews and infographics, explore our top story by clicking on the link on the right.