Children using social networks must be protected by EU data privacy rules, and all EU citizens should have the right to know what information is being stored on them and for what purpose, urged the EP Civil Liberties Committee on Wednesday.
People must be able to have their data easily deleted, corrected or blocked and be informed about any misuse or lapses in data protection, argues a draft resolution prepared by Axel Voss (EPP, DE) which is designed to influence the revision of the existing EU Data Protection Directive due to be launched by the European Commission after the summer.
A modern data protection law needed
In general terms, the EU needs comprehensive, modern rules to protect fundamental rights, in particular privacy, whenever personal data is processed “within and beyond the EU”, argues the draft resolution. Data protection rules must also be extended to the areas of police and judicial cooperation between EU countries, emphasise MEPs.
Tough EU-wide penalties for data abuse
MEPs want the updated data protection law to include "severe and dissuasive sanctions", including criminal penalties, for misuse and abuse of personal data. National data protection authorities should be given the necessary resources and be granted harmonised investigative and sanctioning powers, they say.
International data transfers
When personal data is transferred and processed outside the EU, "it is imperative that data subjects' rights are fully enforced”. International data transfer procedures must be improved and "ambitious core EU data protection aspects to be used in international agreements" must be devised by the Commission.
Young people and social networks
Data protection law should recognise a specific need to protect children and minors, as young people have growing access to Internet and digital content and tend to divulge personal data on social networking sites, says the resolution. Media literacy should be included in formal education, to instruct children and minors how to act responsibly in the online environment.
Freedom of the press
The current directive obliges Member States to provide for exemptions from data protection rules when personal data are used solely for journalistic purposes or the purpose of artistic or literary expression. To safeguard press freedom, MEPs urge the Commission to ensure that these exemptions are preserved.
No artificial barriers to data protection
Companies should avoid erecting unnecessary barriers to the individual's right to access, amend or delete his/her personal data, adds the committee, which also backs the idea of requiring firms to appoint “company Data Protection Officers”.
Lastly, the individual's consent to use of his data should be considered valid “only when it is unambiguous, informed, freely given, specific and explicit", stress MEPs.
The report was adopted with 49 votes in favour, one against, and no abstentions.
In the chair: Juan Fernando López Aguilar (S&D, ES)