Istungi stenogramm

Teisipäev, 11. märts 2014 - Strasbourg

13. Üksikisikute kaitse isikuandmete töötlemisel - Isikuandmete töötlemine kuritegude tõkestamise eesmärgil (arutelu)

  La Présidente. - L'ordre du jour appelle la discussion commune sur:

- le rapport de Jan Philipp Albrecht, au nom de la commission des libertés civiles, de la justice et des affaires intérieures, sur la proposition de règlement du Parlement européen et du Conseil relatif à la protection des personnes physiques à l'égard du traitement des données à caractère personnel et à la libre circulation de ces données (règlement général sur la protection des données) (COM(2012)0011 - C7-0025/2012 - 2012/011(COD)) (A7-0402/2013), et

- le rapport de Dimitrios Droutsas, au nom de la commission des libertés civiles, de la justice et des affaires intérieures, sur la proposition de directive du Parlement européen et du Conseil relative à la protection des personnes physiques à l'égard du traitement des données à caractère personnel par les autorités compétentes à des fins de prévention et de détection des infractions pénales, d'enquêtes et de poursuites en la matière ou d'exécution de sanctions pénales, et à la libre circulation de ces données (COM(2012)0010 - C7-0024/2012 - 2012/010(COD)) (A7-0403/2013).

  Jan Philipp Albrecht, rapporteur. - Madam President, we are here to debate one of the most important legislative dossiers of this mandate. Thanks to the Lisbon Treaty, we are aiming to protect the fundamental right to data protection in a single EU-wide regulation. Thanks to this European Parliament, we have achieved the incredible goal of negotiating a single EU data protection law on the basis of 4[nbsp ]000 amendments, including many aspects and views from all around the world. We also managed to get a position voted with the largest possible majority of the Committee on Civil Liberties, Justice and Home Affairs in October.

I would like to give particular thanks to the shadow rapporteurs Axel Voss, Dimitrios Droutsas, Alexander Alvaro, Sarah Ludford, Timothy Kirkhope and Cornelia Ernst; the rapporteurs of the opinion committees, Seán Kelly, Lara Comi, Marielle Gallo and Nadja Hirsch, as well as our really hard-working staff. They all invested a lot of time and energy in negotiating this position and an agreement to be accepted.

The broad consensus in Parliament on the importance of a high standard for personal data in the whole European Union and more consistent application and enforcement shows that the European Parliament takes care of citizens’ concerns with regard to their fundamental rights to data protection and their privacy in a digitalised world. If it were only up to this House, we would already be voting on the final regulation tomorrow, in order to present European voters with a result, but more than two years after the Commission proposed the draft regulation, there is still not even a general approach by the Council.

I am very pleased that this Council Presidency presented a timetable in January which envisages letting this happen by July, but I also have a clear message to the Council: any further postponement would be irresponsible. The citizens of Europe expect us to proceed to the adoption of a strong EU-wide data protection regulation. If there are some Member States which do not want to deliver after two years of negotiations, the majority should go ahead without them.

After all that has happened over the last year, European citizens and European companies will not allow us to go on accepting that our European standards are constantly being undermined by global big data business and third-country authorities. If we, the European Parliament, can agree on a complex and comprehensive position, the Council of Ministers can also agree. There is an easy way for the Ministers to agree very quickly: just follow the position of the European Parliament, because all the parties gathered together in your governments have agreed to this compromise. Consumer associations, as well as European enterprises, are urging us to conclude the EU Data Protection Regulation as soon as possible, because they all know that the only ones who will profit from this law being postponed again and again will be the big data companies from Silicon Valley, who are constantly trying to evade EU market rules, thereby gaining competitive advantages against the EU’s IT companies.

We can now see that more and more citizens are searching for data protection-friendly products and services that they can trust. The governments of the European Union now need to show the political will to send the message that systems, products and services in Europe have a gold standard when it comes to data protection.

  Dimitrios Droutsas, rapporteur. - Madam President, may I also start by thanking everybody for having worked so hard in the past two years on this dossier. Without this incredible commitment by everybody, we would not have been able to be here today and voting on the data protection package in plenary tomorrow, thus sending to European citizens the message that the European Parliament is aware of their concerns, that we are taking them very seriously, and that the European Parliament is working for the interests of European citizens.

May I also thank the Commission and Commissioner Reding and her entire team for their commitment, work and good cooperation. We enjoyed working on this file.

My appreciation goes also to the Greek Presidency. I know and recognise the effort that the Presidency is putting into this file, but the Presidency will also allow me to express my dissatisfaction and frustration about the fact that it is the Council, and at least some Member States, which are the reasons why we will not be able to reach the goal that we had set, namely to have the data protection reform package passed by the end of this Parliament’s mandate.

I doubt that the governments concerned will be able to explain this as necessary to citizens in their respective countries, particularly in view of the upcoming elections to the European Parliament.

Parliament has been calling for years for a comprehensive single instrument on data protection that would cover both the private and the public sectors, including the police and judicial cooperation in criminal matters. This is why this Parliament has always, right from the beginning, regarded the proposed regulation and directive as a package: what we call the ‘package approach’, and all our legislative work on the data protection reform has been conducted on precisely this premise.

Let me remind everybody that there was widespread agreement on this even before the two legislative proposals were issued. It was the report by Axel Voss back in 2010 which stressed the idea of a comprehensive and consistent approach, also covering processing in the areas of police and judicial cooperation, including processing at domestic level.

As a consequence, we followed parallel procedures in our work as regards the timing and content of the regulation and directive, and both I and Jan Albrecht – and also the Commission, as repeatedly stated by Commissioner Reding – confirmed this commitment to the package approach several times.

I do not need to elaborate on the regulation. Jan Albrecht has already presented the necessary facts, which I fully endorse, and I would like to thank Jan once again for all the work and commitment he and his team have put into this file.

The directive itself, if approved tomorrow, will bring significant improvements to the processing of personal data by police and judicial authorities in criminal matters. But let me be very frank and very direct. It has come to my knowledge that a number of colleagues have decided to vote against the directive tomorrow.

Colleagues, how exactly will you justify to your voters that you choose to protect them against, for example, Google, but not against police and judicial authorities that tend to act arbitrarily? How can we explain to European citizens that we will vote in favour of the NSA report tomorrow, which reproaches a third country for the hidden actions of its secret services, while we, as European Union Member States, refuse to comply with similar rules?

And how will you explain, in the event that the directive is not adopted by this Parliament tomorrow, that it will be the European Parliament itself that has abandoned the package approach and that we have killed the directive, doing the dirty work that the governments of some Member States would so much like to do?

I shall finish with an appeal to colleagues to do exactly that: to show European citizens that we are taking their fundamental rights seriously by voting in favour of both legislative instruments tomorrow so that they can be negotiated with the European Council as a whole during the next legislature.

  Dimitrios Kourkoulas, President-in-Office of the Council. - Madam President, tomorrow this House will be voting on the reports by Mr Albrecht and Mr Droutsas on the comprehensive data protection package, which was proposed by the Commission in January[nbsp ]2012. This package comprises two legislative proposals. The first is a General Data Protection Regulation, which is intended to replace the 1995 Directive. The second is a Directive on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties and the free movement of such data. This is intended to replace the 2008 Data Protection Framework Decision.

The Council has welcomed these two proposals and has, on several occasions, publicly pledged its broad support for them. Like Parliament, the Council is entirely convinced of the need to update and modernise the Union’s data protection legislation in light of the significant technological changes that have occurred since the adoption of the 1995 Directive.

Over the past two years, no other legislative file in the area of justice and home affairs has been the subject of such intense discussion in the Council. In 2013 alone, almost 50 days of meetings of the relevant working groups were devoted to the discussion of these two proposals, and the Greek Presidency had already devoted over 10 days of meetings of the Working Party to this package. However, there is no hiding the fact that the Council has not been able to make as much progress as you have done, and I am aware that this is a source of some frustration, as the honourable Member Mr Droutsas has just mentioned.

The Commission chose to propose a regulation, rather than a directive, to replace the current 1995 Directive. The Commission had good reasons for making this choice. I am well aware that Parliament is also in favour of the increased harmonisation which could be brought about by the regulation.

The discussion of the regulation is very work-intensive. This is the biggest, most ambitious piece of draft legislation in the area of justice during the term of this Parliament, covering all companies, public authorities and individuals in the EU. This implies detailed scrutiny by 28 Member States. This shows the great interest of Member States, which have held detailed consultations at home, with several ministries involved. Experts from all 28 Member States are working to ensure that the result of the negotiation is a high-quality legislative instrument. Furthermore, data protection is a cross-cutting issue which touches on almost every area of life and society. This means that the implementation of the 1995 directive affects almost every area of society and a large number of different legislative acts at national level.

The Greek Presidency is committed to progress on this file which is, as you know, a key element for both individual rights and growth in the EU. This file is of crucial importance for the digital internal market, as highlighted by the European Council. I would like also to remind you of the conclusions of the October 2013 European Council on the digital economy, which saw the timely adoption of a strong EU general data protection framework and the Cybersecurity Directive as essential for the completion of the digital single market by 2015.

During the Justice and Home Affairs Council of last week, the Member States confirmed their broad support for the territorial scope and the understanding of the key principles of international transfers – this is Chapter 5 – in line with the position already expressed in the informal January meeting of Ministers in Athens. Progress was also made on key provisions of Chapters 1 to 4, namely pseudonymisation, portability of personal data, obligations of controllers and processors, and profiling. These are essential for the digital internal market.

If, on top of this, you take into account some very specific provisions on data protection in the public sector, such as legislation and social benefits, pensions, youth welfare and public health, you will appreciate that this is an area of very great complexity. Furthermore, these provisions are often intrinsically tied up with the institutional, administrative and even constitutional arrangements within each Member State.

Our aim is to have a high-quality legislative instrument which is able to protect the personal data of our citizens and which can be applied in all Member States. I am confident that, once our internal negotiation process is over, it will be possible for both our institutions to find common ground on these proposals and to have the two instruments adopted.

I would like to take this opportunity to support this Parliament’s view that the data protection reform should also apply in the future to the EU institutions. Last June, Vice-President Reding made a commitment that the Commission would put forward such a proposal.

I would like to assure you that the Council, like Parliament, attaches considerable importance to these reforms. I would like also to thank the Commission and, personally, Vice-President Reding for her dedication and engagement in this file. The Hellenic Presidency will make every effort to contribute to finalising the negotiations between the Member States as soon as possible, so that we can begin discussions with Parliament.

  Viviane Reding, Vice-President of the Commission. - Madam President, I would like first to say a personal word to the rapporteurs, to the shadow rapporteurs and to all their collaborators. You have been extraordinary during the last two years and in the preparatory years before, and I think that through your work you have really shown that the European Parliament is a strong voice for citizens and for economic development and the preservation of our common values. So thank you for having done that, and vous avez bien mérité de notre Europe.

Madam President, in May[nbsp ]2011 this House called for a reform of the European data protection rules. The Commission delivered the proposals requested by Parliament in January[nbsp ]2012: a package, as had been asked for in Parliament’s resolution by your colleague, Mr[nbsp ]Voss.

Now it is again time for this House to act. Now is the moment when this Parliament has the possibility to make the reform irreversible; to show to the world outside that European citizens’ concerns have been heard; to give European businesses a single market in personal data protection so that there are no more barriers and there is legal certainty. So this vote will be an important part of the legacy of this legislature – a test of its willingness to fight for Europe’s values.

I welcome the level of ambition of the report which matches, and sometimes exceeds, what the Commission has proposed. I welcome the fact that Parliament has managed to work on the two reports in parallel and is putting this to the vote tomorrow as a package of revised rules. This is very important and responds very clearly to the Voss resolution.

The Commission and Parliament agree on the pillars of this reform. There has been a strong endorsement of the choice of legal instrument: the regulation, a single law for the whole of Europe. We must do away with the current Directive, which has resulted in a patchwork: 28 national rules that make life complicated and are costly for companies. The savings for companies by doing away with this patchwork come to EUR[nbsp ]2.3 billion per year. So this alone is really an action for SME preservation.

The level playing field will also allow Europeʼs digital industry to compete globally. When offering services to Europeans, non-European companies will have to apply European rules and adhere to the same levels of protection of personal data. This is about creating a level playing field between European and non-European businesses. This is about fair competition in a globalised world.

Parliamentʼs proposals will also put individuals back in control of their own personal data by updating their rights. Explicit consent, the right to be forgotten, the right to data portability, and the right to be informed of personal data breaches are all important elements. These important elements will help to close the rift which exists today between citizens and the companies with which they share their data, willingly or otherwise. They will bring back the trust which has been lost.

The benefits for businesses and citizens alike, as regards the one-stop-shop mechanism, are also confirmed. Companies will only have to deal with one single supervisory authority, which will be the one in the country of the main establishment of the business, rather than with 28 different authorities.

This will make it easier, simpler and cheaper for companies to do business in the EU and to build this digital economy, which everybody agrees that we need. This consistent application of EU law will also make it easier, swifter and more efficient for individuals to defend themselves, to be protected, and to have their complaints dealt with swiftly and on the basis of a coherent and strong protection mechanism.

Finally, if companies do not play by the rules, as is very often the case today, European regulators will be equipped with strong enforcement powers. The rules will give them teeth. They will be able to fine the companies which do not comply with EU rules up to 5[nbsp ]% of global annual turnover. The Commission proposed 2[nbsp ]%. Well, let us go for 5[nbsp ]% if Parliament wants to do so. It will be a deterrent. It will allow our regulators to apply the law, which unfortunately they cannot really do today.

These are the very practical and concrete ways in which the reform will help rebuild citizens’ trust in the digital economy and help European businesses to exploit the full potential of the digital single market. Europe must act decisively to establish a robust data protection framework.

I am impressed by the way the Greek Presidency has taken this dossier in hand. Finally, somebody is leading this dossier. After the Irish Presidency had done some very good work we went into hibernation. Now that spring is back, let us hope that in the Council this spring will lead us to a summer decision. Tomorrow’s vote is a crucial step along the way. Parliament will make this reform irreversible. Our citizens will say thank you to Parliament.

(Applause)

  Nadja Hirsch, Verfasserin der Stellungnahme des mitberatenden Ausschusses für Beschäftigung und soziale Angelegenheiten. - Frau Präsidentin! Als Liberale begrüßen wir natürlich auch eine europäische Datenschutzgrundverordnung. Und ich bin auch besonders stolz darauf, dass der Ausschuss für Beschäftigung hier ganz klar einen Schritt nach vorne getan hat und die Rechte von Beschäftigten noch viel stärker schützt. Z.[nbsp ]B. soll es zukünftig nicht mehr möglich sein, Angestellte per Videoüberwachung zu kontrollieren. Dagegen haben wir uns ganz klar gewehrt.

Ich fordere deswegen auch die europäischen Regierungen auf – im Speziellen auch die deutsche Regierung –, endlich ihre Blockadehaltung aufzugeben. Es kann nicht sein, dass wir hier weiterhin blockieren. Als Liberale wollen wir nicht, dass die Bürger sich entscheiden müssen zwischen Privatsphäre und Datenschutz und einer digitalen Teilhabe. Wir wollen das Gegenteil. Europäischer Datenschutz kann zu einem globalen Wettbewerbsvorteil werden. Und genau hier müssen wir aktiv werden, damit der Verbraucher genau weiß, dass – egal welche Daten er ins Handy oder sein Fitnessarmband eingibt oder auch beim Auto verwendet – diese Daten sicher sind, und er weiß, was damit passiert. Das ist unser Ziel!

  Seán Kelly, rapporteur for the opinion of the Committee on Industry, Research and Energy. - Madam President, I have one minute to summarise two year’s work, so let us not waste time. I will make three positive points and express three reservations.

The point that we want one set of rules – a regulation – across the entire European Union makes absolute sense. Any dilution of that would not make sense in an online world that knows no borders. I very much welcome the protection of children in the online world, through permission from their parents or guardians for the processing of their data. The trust of citizens would be increased by explicit consent and by strengthening the right to be forgotten and, as the Commissioner said, the one-stop-shop would certainly be good for business across Europe.

My reservations: one, SMEs; two, health research; and three, press freedom. I hope that we can deal with those three issues in a more practical manner, because there is no point talking about the importance of SMEs if we have more regulation, no point talking about the importance of health research if we make it more difficult for them to do that, and also no point talking about press freedom if we inhibit them as well.

  Lara Comi, relatrice per parere della commissione per il mercato interno e la protezione dei consumatori. - Signor Presidente, onorevoli colleghi, sinceramente non sono soddisfatta dell'iter che ha seguito la proposta di regolamento, il testo della Commissione era certamente migliorabile ma assolutamente ragionevole. I pareri hanno seguito questa scia, mentre il relatore serbava un approccio un po' più aggressivo. In commissione LIBE infatti il PPE è riuscito a malapena a far notare quanti giovani là fuori stiano creando delle app, delle application che utilizzano anche in minima parte, spesso in forma anonima, dati personali e che rappresentano un modo per dei ragazzi in gamba per guadagnarsi da vivere.

Durante i negoziati ho avuto anche l'impressione che queste microimprese fossero quasi una malattia da sconfiggere, invece che un mondo da istradare verso una maggior sensibilità nei confronti di questa problematica. Da un punto di vista di mercato interno poi non ho capito come mai gli emendamenti di INCO sul meccanismo di coerenza hanno lasciato il posto a una procedura contraddittoria, con il principio del one-stop-shop.

Concludo dicendo che mi auguro che siano i triloghi a consegnarci articoli in linea con le esigenze dei cittadini europei e siano essi data subject o legittimi utilizzatori di questi dati.

  Marielle Gallo, rapporteure pour avis de la commission des affaires juridiques. - Madame la Présidente, aujourd'hui, il n'y a pas de frontières empêchant la circulation des données et des informations. Celles-ci sont donc facilement transférées vers des État tiers et peuvent être interceptées par des organismes de surveillance.

Sur le plan international, l'Union européenne doit conclure, avec les États-Unis, un accord pour éviter l'espionnage réciproque. Nous devons revoir l'accord sur la sphère de sécurité pour renforcer les droits des citoyens et encadrer l'utilisation qui en est faite par les entreprises et les autorités américaines.

Enfin, nous devons exploiter notre potentiel pour développer une offre d'informatique en nuage véritablement européenne.

Concernant le règlement sur les données personnelles, je souhaite qu'il soit adopté rapidement pour qu'il améliore la protection de chacun d'entre nous. Toutefois, n'oublions pas que ce texte ne s'applique pas seulement aux géants du net américains mais aussi à toutes les entreprises et start-up européennes. Alors ayons une position éclairée, ne fantasmons pas sur les données et sachons aussi en apprécier l'intérêt pour notre économie, pour la recherche et pour la santé.

  Axel Voss, Verfasser der Stellungnahme des mitberatenden Rechtsausschusses. - Frau Präsidentin! Für die EVP ist klar, wir brauchen die Datenschutzverordnung für Europa, wir brauchen ein modernes, ein belastbares Regelwerk, und vor allem brauchen wir aber auch eine effektive Durchsetzung der Regeln. Die Bürger brauchen Rechtssicherheit und mehr Kontrolle über ihre Daten und die Unternehmen brauchen Planungssicherheit, damit sie auch in Europa investieren können.

Und wir brauchen diese Datenschutzverordnung rasch, und deshalb appelliere ich auch an den Ministerrat, hier zügig voranzukommen, damit wir eben auch Fortschritte machen in diesem Bereich. Was wir zusätzlich brauchen, sind die Regeln über die gemeinsame Verbrechensbekämpfung. Ein soziales Netzwerk braucht andere Regeln als eine Polizeibehörde, für ersteres brauchen wir die Verordnung, für letzteres brauchen wir die Richtlinie – meines Erachtens die Richtlinie in Form des Rahmenbeschlusses, der 2008 ergangen ist. Wenn wir das hochheben könnten auf die Richtlinie, wäre im Grunde schon das Beste getan.

  Kinga Gál, a PPE képviselőcsoport nevében. – Abban a korban, amikor gyakorlatilag már minden lépésünk a telefonálástól a kártyás fizetésen keresztül egy email elküldéséig, vagy közösségi oldalak használatáig az interneten keresztül történik, és személyes adataink rögzítésével jár, kiemelten fontos egy olyan szabályozás elfogadása, amely követi a kor kihívásait, teret enged ugyan a lehetőségeknek, de képes megakadályozni a visszaéléseket.

Jól emlékszem arra az időre, amikor még azért küzdöttünk – szabadságjogaink részeként – hogy ne figyelhessenek meg, adatainkhoz ne férhessenek hozzá. Groteszk módon egy-két generációval később fiataljaink ma ezt önként teszik meg. Mindenki által hozzáférhetővé teszik saját személyes adataikat. Polgáraink nem mindig vannak tudatában, hogy adataik védelmének kérdése, joga, azok elfelejtése, vagy törlésének fontossága ugyanolyan lényeges, mint már évtizeddel korábban a szabadságjogaink megszerzése volt.

Mindannyian abban vagyunk érdekeltek, hogy jó, használható, gyakorlatban alkalmazható szabályozás szülessen, amely segít biztosítani az egyén személyes adatainak a védelmét, ugyanakkor nem lehetetleníti el a kis- és középvállalkozásainkat, és nem rontja le az egyes tagállamokban már létező, és jól működő adatvédelmi standardokat.

  Sylvie Guillaume, au nom du groupe S&D. – Madame la Présidente, je tiens à mon tour à féliciter chaleureusement nos collègues rapporteurs et toutes les personnes qui se sont investies au cours de ces deux dernières années pour faire avancer ce paquet qui représente, à l'évidence, un enjeu majeur pour les droits fondamentaux de nos concitoyens.

Ces droits doivent être préservés contre les abus en tenant compte de l'évolution du monde numérique que nous connaissons aujourd'hui et pour prévoir aussi les changements de demain. C'est pourquoi j'estime que ces deux textes vont véritablement dans la bonne direction. J'en veux pour preuve l'inclusion d'un droit à l'effacement des données personnelles, le soutien à des voies de recours renforcées ou encore une meilleure information des consommateurs sur la façon dont leurs données sont traitées.

S'agissant des transferts de données des pays européens vers des pays tiers, ils ne devraient avoir lieu qu'en vertu d'une base légale solide, comme un accord international ou un traité d'assistance mutuelle. Obligation d'un consentement explicite, interdiction du profilage: ces deux années de travail ont permis de parvenir à un texte équilibré et qui est véritablement à la hauteur des enjeux de la révolution numérique actuelle, malgré le lobbying assez intense, dirais-je, des géants américains du web et d'autres, d'ailleurs.

Pour ce qui est de la directive, nous sommes également parvenus à clarifier les règles en cas de transferts ou de rétention des données personnelles par les autorités répressives, sans gêner pour autant les enquêtes ou procédures officielles ou nuire encore à la poursuite d'infractions pénales.

Je suis bien consciente de l'hostilité que ces propositions ambitieuses soulèvent parfois parce qu'elles bousculent des fonctionnements établis. Pour autant, j'invite tout particulièrement les États membres à ne pas repousser l'adoption de ces textes à une date incertaine.

Après l'électrochoc des révélations sur les écoutes de la NSA, l'Europe doit se doter de règles claires, protectrices contre les abus.

  Sarah Ludford, on behalf of the ALDE Group. – Madam President, I think it is a real achievement for the European Parliament to adopt its position on the regulation before the end of the mandate. This takes us one step closer to securing reform to guarantee one set of substantive privacy rights across Europe. I thank Jan[nbsp ]Albrecht, the rapporteur, for his very energetic steering of our work. We had a few battles, but I think that we all stayed friends.

I am sorry that my ALDE colleague, Alex Alvaro, cannot be here as he is unwell, but I – as shadow to the shadow rapporteur – built on his work and that of his staff. As Liberals, we sought to implement our belief that it is possible to have a synthesis of high data protection standards and support for innovation and jobs in the digital economy. Our aim throughout was to secure a text which is balanced, giving citizens greater control over how their data is used, and by whom, whilst facilitating technological advances, because smart companies know that their business will only prosper on the basis of trust.

It will be essential to have a robust compliance regime and strict enforcement, as otherwise those companies that do play by the rules will lose out. I am pleased that my colleague Simon Hughes, who is the UK Justice Minister, has announced that the UK Government is reviewing the sanctions for breach of privacy under the existing directive. I am glad that we put back the so-called anti-Pfizer clause to protect our citizens against court orders in third countries, and I am still rather shocked that the Commission dropped this provision from its published draft.

I mentioned trust, and a challenge dear to my heart is to safeguard privacy for health data whilst facilitating valuable research. However, that requires the public to have confidence in what is happening; foreseeability; belief that there are strong safeguards in place; and strict sanctions. I regret the fiasco of the UK implementation of a project called ‘Care Data’ which has had to be delayed because it has very poor management which is losing citizens’ trust in this area.

  Judith Sargentini, namens de Verts/ALE-Fractie. – Voorzitter, het voorstel van het Europees Parlement, in het verslag van mijn collega Jan Albrecht, over de wet voor de gegevensbescherming bevat één cruciaal onderdeel - mevrouw Ludford had het er al over - het verbod voor bedrijven om onze persoonlijke gegevens door te geven aan andere landen, en met name aan de VS. De Googles, de Facebooken, de Amazone van deze wereld voldoen aan Amerikaanse wetgeving en wij zetten er niets tegenover. We kunnen op die manier niet eens met de Amerikanen in gesprek.

Het is daarom ook dat we háást hebben en dat zeg ik tegen de vertegenwoordiger van de Raad. We hebben haast om tot een vergelijk te komen opdat wij Google en Facebook kunnen zeggen: Wat u doet mag niet meer in Europa. We hebben ook haast – en u laat het daarbij zitten – omdat wij Europese bedrijven de kans willen geven om de meest veilige in de wereld te worden en daarmee dus een dienst aan te bieden die iedereen interessant vindt. We hebben vooral haast, Voorzitter, omdat onze burgers bescherming moeten genieten.

(De spreker stemt ermee in een "blauwe kaart-vraag" te beantwoorden (artikel 149, lid 8, van het Reglement))

  Silvia-Adriana Ţicău (S&D), Întrebare adresată conform procedurii „cartonașului albastru”. – Doamnă președinte, aș dori să o întreb pe doamna Sargentini despre transferul datelor cetățenilor europeni către terțe țări. Aș dori să vă întreb, ce părere aveți despre necesitatea de a revizui acordurile internaționale semnate de Uniunea Europeană cu terțe țări care vizează transferul sau prelucrarea datelor cu caracter personal, gen acordul SWIFT sau registrul cu numele pasagerilor, astfel încât aceste acorduri să vizeze noul cadru de reglementare pe care-l vom adopta zilele acestea?

  Judith Sargentini (Verts/ALE), "blauwe kaart"-antwoord. – Voorzitter, ik wil mijn collega bedanken voor die vraag, want het is een heel goede vraag. Jazeker, de Groenen hebben niet voor niets al die jaren tegen SWIFT en tegen Passenger Name Records-collectie gestemd. Wij vinden het ook nog steeds zeer treurig dat mevrouw Reding probeert met de Amerikanen een 'principewet' over gegevensbescherming overeen te komen en dat dat niet lukt omdat zij liever beetje bij beetje onze gegevens in andere wetten laat doorgeven.

Dus ik deel absoluut uw opinie. Ja, SWIFT en PNR horen hier onderdeel van te zijn. En ik zou willen zeggen: we beschermen onszelf niet alleen maar tegen de Amerikanen. Wat als de Russen en de Chinezen ook met dit soort voorstellen gaan komen?

  Timothy Kirkhope, on behalf of the ECR Group. – Madam President, data is the life blood of modern society. It powers every new piece of technology, every innovation. It powers manufacturing, social media and what we buy online. Our history, opinions and personal information are increasingly shared, exchanged and profited from. However, with progress and profits must come protection. Businesses, consumers and the individual are currently contending with 28 different legal regimes, different systems and different mechanisms for appeal and redress.

A new era of technology requires a new era of data protection law. We can now take a step forward in the completion of the Single Market and the digital economy and help attract investment into the EU. But we must apply common sense. We cannot place the same level of administrative burdens on local, small businesses as on multinational companies which deal with massive amounts of personal information. We do not want to deter those scientists and researchers who are finding new cures for terrible diseases and ailments every day. We must not scare off foreign investment in the EU by setting impossible standards.

However, I do not agree with some of the proposals which the European Commission has made, although I believe the final compromise between political groups has signalled the start of finding a proportionate and workable way forward, and I commend the general approach of this House.

  Cornelia Ernst, im Namen der GUE/NGL-Fraktion. – Frau Präsidentin! Daten sind das Öl des 21.[nbsp ]Jahrhunderts. Und beim Datenschutzpaket geht es um nicht mehr und nicht weniger als um die Ausgestaltung und die Gewährung eines Grundrechts und zwar für alle Menschen, die in der EU leben. Und dieses Grundrecht beinhaltet den Schutz eines unbehelligten Privatlebens, das Recht auf Privatsphäre und damit auch auf die Entfaltung der eigenen Persönlichkeit. Dieses Grundrecht verbietet, Menschen gläsern und zu Objekten von Observation zu machen. Es ist ein Recht, ohne das die Bürgerinnen und Bürger auch nicht mündig sein können.

Dafür haben wir nun ein Datenschutzpaket auf den Tisch gelegt. Und mit großem Dank an den Berichterstatter muss ich sagen, es ist ein Paket, das einen modernen Grundsatz von Datenschutz gewährleistet und diesen Zielen nachkommt, die hoffentlich auch in den nächsten Jahren und Jahrzehnten der Angelegenheit gerecht werden können. Nun liegt aber der Ball beim Rat und meine Forderung an den Rat ist: Setzen Sie sich für einen starken Datenschutz ein und verzögern Sie nicht immer wieder die Entscheidungen! Springen Sie!

  Auke Zijlstra (NI). - Voorzitter, wij hebben het vandaag over de vastlegging van persoonlijke gegevens in de digitale wereld, een wereld die steeds meer het leven van alledag bepaalt. Je bankzaken, je e-mail, de sociale media, maar ook alle webwinkels, je telefoonprovider, zelfs je dvd-speler, allemaal leggen ze je gedrag vast. En dat gebeurt onbeperkt, voor eeuwig, met onbekende consequenties en voor de rest van je leven.

Dit, Voorzitter, is onverantwoord. De richtlijn vindt wel dat sóms toestemming moet worden gegeven, maar lang niet altijd. En niemand zal toestemming geven als ze echt doorhebben wat er gebeurt. Maar ondertussen keurde dit Parlement wel eCall goed, een systeem dat iedereen die autorijdt permanent afluistert. Dit Parlement denkt dat burgers alleen te vrezen hebben van het bedrijfsleven en niets te vrezen hebben van de overheid. En deze misvatting zou lachwekkend zijn als het niet zo serieus was.

Voorzitter, het denken over hoe privacy vorm moet krijgen in deze digitale tijd is nog maar net begonnen. Laten we hopen dat het nog op tijd is, want deze richtlijn is niet meer dan een begin.

  Wim van de Camp (PPE). - Mevrouw de Voorzitter, dank u zeer. Het is gebruikelijk om in dit Huis elkaar veel woorden van dank toe te spreken. Daar sluit ik me graag bij aan. Maar met betrekking tot dit dossier zou ik vanmiddag toch ook het Europese bedrijfsleven en de vele ngo's die ons de afgelopen twee jaar hebben beïnvloed willen bedanken. Ik heb er in ieder geval veel van geleerd over het evenwicht tussen de bescherming van mijn persoonlijke gegevens en de mogelijkheden om tot e-commerce en tot een Europese interne markt te kunnen komen.

We zijn het er over eens dat de richtlijn van 1995 niet meer deugt. Het is een verdeeld stuk van 28 landen en daar kunnen we niet mee verder. Maar we lopen wel het gevaar dat het optimale – iets wat collega Albrecht nastreeft – de vijand wordt van het maximale. Wat kunnen we op dit vlak bereiken? De eerlijkheid gebiedt te zeggen dat we natuurlijk ook zelf twee jaar bezig zijn geweest om tot een vergelijk te komen.

Desalniettemin sluit ik me aan bij zijn vraag: Wat doet de Raad? Want de voorzitter van de Raad spreekt wel warme woorden maar waar zijn de daden? Ik weet wel, het is gemakkelijk om altijd de Grieken de schuld te geven, en bovendien zijn er natuurlijk ook andere raadsvoorzitterschappen geweest. Maar hoe gaat de Raad de zaken versnellen? Europa heeft deze verordening nodig, niet alleen voor de privacybescherming, ook voor onze economische ontwikkeling.

  Claude Moraes (S&D). - Madam President, in the next debate on the mass surveillance of citizens, one of the key recommendations is to call on the Council to accelerate its work on implementing this excellent work by Jan Albrecht and Dimitrios Droutsas. The reason we make this a central observation is that we spent months looking around the world at anyone who had tried to do what these rapporteurs have done.

I think Mrs Reding put it very well: Members in this House have created one set of international privacy rights. They have created the space for the digital economy to grow. This is an extraordinary achievement, which we have put into context – and that will be seen in the later debate. But we also need to create a package approach here, because it is not just about the private sector but about the judicial and police authorities as well. It is about all our citizens and the way they interact with data. So we must support both parts of this, the directive and the regulation in the package; we must support both our rapporteurs tomorrow.

  Sophia in 't Veld (ALDE). - Madam President, my congratulations first of all to the two rapporteurs, who did a fantastic job. This is a major piece of legislation of this parliamentary term, and it is actually coinciding with CEbit, which is one of the biggest IT fairs in Europe. This just goes to underline that we need this legislation, as we are living in the era of personal data.

I will be honest and say that I do not think the Data Protection Package is perfect, and I still have doubts about some weak spots – notably the protection of data when they are transferred outside the European Union. But I will give my support to the package, imperfect as it may be, because this Parliament has to give a clear political signal that – contrary to the national governments who are dragging their feet – we stand up for the rights of citizens, who have shown their interest in this legislation in a massive way.

That brings me to the directive, for which I was a shadow. I am actually deeply concerned by the attitude of the PPE, the ECR and the Council. I would call, in particular, on the PPE, who had the very first rapporteur, Mr Voss, to stick to the package approach which we have agreed upon, because the directive is even more sensitive than the regulation, and the opposition against it from the PPE and others is incomprehensible and irresponsible, because when our personal data are being used by the authorities for law enforcement and security purposes, privacy protections must be stronger, not weaker.

In the next debate we will speak about the revelations on mass surveillance, which only go to show the urgent need for better legal protection for citizens. Finally, in a democracy, the fight against crime and terrorism takes place in a proper, legal framework with proper legal protections for citizens, so not adopting the directive will seriously hamper crime fighting. I am looking at the ECR – while Mr Kirkhope is looking at the wall – which, if it is attached to fighting crime and terrorism, should vote for the directive.

  Carl Schlyter (Verts/ALE). - Fru talman! Det är nu 40[nbsp ]år sedan den första automatiska databehandlingslagen kom i Sverige, som gav medborgarna ett visst skydd. Det är dags att EU nu förnyar sin lagstiftning och ser till att den här går igenom, och frågan är inte mer komplex eller svår i rådet.

Det ger oss rätt att flytta data, att välja vem vi vill ska ha våra tjänster. Det ger oss rätt att få våra data raderade och det ger oss rätt till uttryckligt samtycke.

Idag, om du ska läsa alla kontraktsvillkor på de appar och program och liknande som du använder så tar det 180[nbsp ]timmar om året. Vi vill hjälpa medborgarna genom enkla symboler där man får rätt att veta varför ens data samlas in. Man får rätt att veta om de bevaras, man får rätt att veta om de behandlas annat än i ursprungligt syfte eller om de lämnas ut till tredje man eller om de hyrs ut. Vi ger rättigheter, då är det fel av rådet att blockera denna utveckling.

  Vicky Ford (ECR). - Madam President, of course we need to protect an individual’s data, but we will also all suffer if overly-restrictive data laws halt the progress of research, especially medical research. Over 50 patient organisations and medical research charities have written to MEPs about their concerns. They are warning us that the Committee’s changes to this new law will make many health research projects at worst illegal and at best unworkable, and particularly so for large-scale projects.

For example, the Million Women Study, which is looking at breast cancer and its relationship with HRT. It is this sort of project which they say would be unworkable with the specific consent regime and narrow exemption proposed by the Committee. And surely all of us, including Ms in[nbsp ]’t Veld, might recognise the need for further work on diseases like cancer, Alzheimer’s and diabetes. Many of the Committee’s changes in other parts of the legislation are moving in a helpful direction, but it is vital that the changes to Articles[nbsp ]81 and 83 are reconsidered and expert advice is taken.

(The speaker agreed to take a blue-card question under Rule 149(8))

  Sarah Ludford (ALDE), blue-card question. – I would ask Vicky Ford whether she is making representations to her political colleague, the Health Secretary in the UK, Jeremy Hunt, about the appallingly shambolic handling of the so-called Care.data project by NHS England, whereby leaflets were distributed like junk mail and not addressed, telling people they could opt out from having their doctor’s records uploaded onto a centralised database, with no prescribed format for how to do that. This has completely undermined trust and is the main threat to patient confidence in medical research. I hope she is telling her party colleague how he has shot medical research in the foot.

  Vicky Ford (ECR), blue-card answer. – You know it is so good when both parts of the coalition work together to correct wrongs. For your information, I spent all day on Friday with the Minister responsible for research, getting this bit of regulation right so that there is a balance between protecting data but also allowing all of us to benefit from world-leading science that needs to look at how patients and people in general are affected. That is a really important balance. And yes, our side of the coalition is working on correcting that wrong and getting it right.

  Carlos Coelho (PPE). - Senhora Presidente, Senhora Vice-Presidente, Senhor Presidente do Conselho, minhas Senhoras e caros Colegas, vivemos tempos em que o valor da proteção de dados como um direito fundamental é cada vez mais evidente.

É assustadora a quantidade de dados pessoais que todos os dias são recolhidos e armazenados: as pessoas que conhecemos, a música de que gostamos, os livros e as notícias que lemos, o dinheiro que gastamos, etc.

Os sucessivos escândalos a que temos vindo a assistir envolvendo forças de segurança de Estados-Membros da União e de Estados amigos reforçaram a perceção pública dos perigos em que incorremos e sabemos que as novas tecnologias tornam mais fácil essa devassa.

Os cidadãos europeus têm, pois, razões para reclamarem uma proteção adequada da sua privacidade e esperam que se possam salvaguardar e garantir os seus direitos e liberdades. Felicito Viviane Reding pela proposta que nos fez bem como pelo facto de incorporar em larga medida as recomendações contidas na resolução do Parlamento Europeu de 2011. Embora tivéssemos preferido um instrumento único, aceitámos a divisão entre uma diretiva e um regulamento. O resultado alcançado quanto ao regulamento e quanto à diretiva está longe de ser perfeito e acredito que poderá ser melhorado. Não podemos, porém, aceitar que o Conselho avance apenas com o regulamento, o que poria em causa o grande objetivo desta reforma de criar um corpo legislativo que incida sobre todas as questões e domínios, proporcionando uma maior clareza e certeza jurídica e reconquistando a confiança dos cidadãos.

Defendo, assim, que viabilizemos os dois relatórios e cumprimento os dois relatores. Não há soluções perfeitas, mas são boas plataformas negociais para o diálogo com o Conselho.

  Juan Fernando López Aguilar (S&D). - Señora Presidenta, durante este debate hemos hablado de la nueva normativa que mañana sometemos a votación en detalle. Y hemos hablado también de la revolución tecnológica que explica que la Directiva de 1995 se haya quedado completamente obsoleta. Pero no hemos hablado bastante del enorme paso de gigante que está dando este Parlamento al regular derechos fundamentales de los ciudadanos.

Porque de eso estamos hablando: de derechos fundamentales que están consagrados en el Tratado de Lisboa, en el artículo 8 del Tratado de la Unión Europea y en el artículo 16 de la Carta de los Derechos Fundamentales de la Unión Europea.

Y este Parlamento aquí no está tratando del transporte animal ni de las garantías de comercialización o etiquetado de los productos alimentarios, con ser importantes. Está hablando de derechos fundamentales y lo hace reforzando la privacidad de los ciudadanos sobre la base de su consentimiento, y reforzando también el principio de legalidad, que es el que obliga a que cualquier limitación sobre la privacidad de los ciudadanos tenga que ser establecida por una norma que pueda someterse a un test de necesidad y de proporcionalidad, como quiere la Carta de los Derechos Fundamentales de la Unión Europea.

Pero se trata también de un refuerzo de la titularidad de esos datos para poder corregir o cancelar, en su caso, los que sean lesivos para la privacidad de los ciudadanos, a través de lo que se conoce como el derecho al olvido.

Es un paso de gigante el que está dando este Parlamento Europeo, actuando de manera directa con un reglamento para legislar los derechos fundamentales. Porque un reglamento no requiere transposición, sino que es directamente vinculante para los Estados miembros e invocable por los ciudadanos ante los tribunales.

Ahora bien, le acompaña también una directiva y forman un paquete. Por tanto, llamo la atención sobre el punto que ha señalado el ponente Droutsas de la Directiva. Es imprescindible, para reforzar la seguridad que acompaña a la garantía de la privacidad, que se apruebe la Directiva relativa a las law enforcement agencies junto con el Reglamento.

  Csaba Sógor (PPE). - Egyetértek a Bizottság javaslatának azon elemével, amelynek értelmében a belföldi adatcserét is az irányelv hatálya alá vonná. Bár az uniós jog hatálya tekintetében lehetnek viták, az nem kérdés, hogy amennyiben bűncselekmények megelőzése érdekében történő adatfeldolgozásról, illetve a polgárok alapvető jogairól beszélünk, akkor a belföldi adatcserék kulcsfontosságúak.

A napjainkra jellemző technikai fejlődés gyökeresen megváltoztatta a személyes adatok védelmét is. Egyre nagyobb mértékben teszünk közé adatokat magunkról a világhálón, azokat pedig soha nem látott mértékben tároljuk és használjuk. Természetesen szem előtt kell tartanunk a bűncselekmények megelőzése és felderítése szempontjából előnyös szabályozás megalkotását, a polgárok alapvető jogait illetően azonban szigorúaknak kell maradnunk.

Meggyőződésem, hogy Európának élen kell járnia a világban a személyes adatok védelme terén, és remélem, hogy ez a szabályozás tükrözni fogja mindazt, amit Európa jelenleg gondol erről a kérdésről.

  Silvia-Adriana Ţicău (S&D). - Doamnă președinte, susțin necesitatea adoptării unui pachet legislativ privind protecția datelor cu caracter personal, care să asigure o mai mare flexibilitate și reducerea birocrației pentru IMM-uri și un set de reguli comune pentru prelucrarea datelor cu caracter personal și libera circulație a acestor date.

Susțin necesitatea acordării consimțământului explicit, informat și specific scopului prelucrării de către persoana vizată, printr-o acțiune clară și pozitivă a persoanei vizate. Consider important ca notificarea autorității competente de supraveghere privind încălcarea securității datelor cu caracter personal să aibă loc pentru fiecare caz de încălcare a securității datelor cu caracter personal. Am susținut ca aceste notificări să fie efectuate în termen de maxim 72 de ore de la momentul la care operatorul devine conștient de încălcarea securității datelor cu caracter personal. Consider că atât operatorul, cât și persoana împuternicită de operator să prelucreze datele personale în numele operatorului, trebuie să fie responsabili de asigurarea securității datelor cu caracter personal prelucrate și de corecta prelucrare a acestora.

  Anna Maria Corazza Bildt (PPE). - Madam President, with this important reform we will increase personal data protection from account fragmentation between the Member States and provide legal certainty. This regulation affects every aspect of our lives and concerns both consumers and companies, the way we access goods and services and communicate on social media, deal with marketing, get information and book travel. That is why I have been pushing to make it applicable in real life, with a clear definition of consent and with profiling that is technologically neutral and future-proof.

We succeeded in striking a balance between higher standards of privacy, public access to documents, and freedom of expression. I am happy that my proposals to protect children have been included. Information should be child-friendly and easy to understand, because teenagers may not be aware of the consequences and just ‘click it away’. To ensure constant verification, the industry should take its share of the responsibility.

There are still, however, issues that need to be improved. The current definition of sensitive data may affect the Swedish health register, and unless further exceptions to the right of erasure are made, medical research will be hampered. We also need to cut red tape for companies in order to really make sure that the development of innovation and a competitive Digital Single Market can blossom. Together we should move quickly in implementing negotiations with the Council and improve the regulation to make it even more applicable.

  Zbigniew Zaleski (PPE). - Madame la Présidente, j'avais le carton bleu, mais vous ne me regardez pas. J'avais une question pour M. Aguilar. Il ne faut pas discriminer les gens, il faut regarder tout le monde. Si vous m'inscrivez pour les interventions à la demande, je pourrai utiliser ce temps de parole.

  Evelyn Regner (S&D). - Frau Präsidentin, sehr geehrte Frau Kommissarin! Mir ist der Beschäftigtendatenschutz ein besonders wichtiges Anliegen. Deshalb möchte ich mich jetzt darauf konzentrieren. Wir haben nun mit dem Artikel[nbsp ]82 Mindeststandards für den Beschäftigtendatenschutz vorgesehen. Das ist ganz entscheidend für ein möglichst hohes Schutzniveau, das gesetzlich oder aber auch über Kollektivvertragsverhandlungen erreicht werden kann.

Ein anderer Aspekt, der nun nach dem Bericht in der Verordnung vorgesehen ist, ist das ausdrückliche Verbot von Blacklisting. Gerade hier haben wir in der Vergangenheit erschreckende Beispiele in der Praxis kennengelernt, in denen unbequeme Arbeitnehmervertreter, Betriebsräte, Gewerkschafter auf schwarze Listen gesetzt wurden und dann keine Existenzgrundlage mehr hatten. Das gibt es in Zukunft nicht mehr. Denn diesbezüglich sind nach unserem Bericht Sanktionen vorgesehen. Das ist ausdrücklich verboten.

Es gibt andere Punkte, die ich nicht so erfreulich finde, wie beispielsweise die Tatsache, dass kein Mitspracherecht bei der Bestellung des Datenschutzbeauftragten seitens der Arbeitnehmervertreter vorgesehen ist. Aber in Summe ist es ein absoluter Fortschritt, was den Beschäftigtendatenschutz betrifft.

  Salvatore Iacolino (PPE). - Signora Presidente, signora Reding, onorevoli colleghi, non v'è dubbio che imprese, consumatori e famiglie riceveranno vantaggi concreti da questo regolamento: peraltro la riforma del provvedimento del 1995 non poteva essere ulteriormente rinviata, sono passati quasi vent'anni ed è cambiato tutto. La modernizzazione recata dai servizi internet ha decisamente richiesto questo provvedimento che accogliamo con favore.

Peraltro il clima di sfiducia legato anche alla vicenda del Datagate imponeva un quadro legislativo chiaro, che tutelasse davvero i cittadini rispetto a questioni concrete, cittadini, famiglia e imprese. Il risultato è assolutamente apprezzabile, crea un mercato unico digitale con uno sportello unico, riduce gli oneri amministrativi secondo un principio di proporzionalità a vantaggio delle piccole e medie imprese, assicura una legislazione più semplificata, tutela i minori e le categorie fragili e nel contempo stabilisce condizioni di parità per le aziende non europee che operano in Europa.

Si tratta certamente di passi avanti concreti, con una direttiva che poteva essere varata con qualche ulteriore elemento che garantisse diritto di privacy da un lato e adeguata informazione dall'altro. Nel complesso un risultato positivo raggiunto, che tutela i diritti fondamentali, le attività commerciali e la sicurezza ai cittadini.

Interventions à la demande

  Zbigniew Zaleski (PPE). - Madame la Présidente, nous avons trouvé une belle solution.

Jako psycholog zajmujący się m.in. prywatnością chciałabym zwrócić uwagę komisarz Reding oraz naszych koleżanek i kolegów na fakt, że ochrona prywatności należy do jednego z podstawowych motywów zachowania się człowieka. Zgodziłby się z tym również Freud. Myślę też, że ludzie mają jednocześnie common sense i że dla celów naukowych, które mogą pomóc w poszukiwaniu np. metod lepszego leczenia albo zabezpieczenia ich przed atakami terrorystycznymi, są skłonni do ujawnienia pewnych informacji. W naszych dyrektywach i rezolucjach należy poszukiwać równowagi – ani w ekstremalną ochronę, gdzie nic nie ujawniamy, ani w ujawnianie wszystkiego. A więc potrzebne jest w tej sprawie pewne psychologiczne podejście. Taką sugestię poddaję pod rozwagę Komisji jak i naszego zespołu w Parlamencie Europejskim.

  Marc Tarabella (S&D). - Madame la Présidente, Madame la Commissaire, le citoyen va enfin devenir maître de ses données personnelles. Cela sonne comme un rêve qui aurait toujours dû rester une réalité. De vrais pare-feu protégeant les droits du citoyen européen sont mis en place et nous ne pouvons que nous en réjouir. Bien sûr il y a quelques bémols.

Premièrement, certains collègues, d'ailleurs présents ici dans cet hémicycle, ont rendu impossible l'audition d'Edward Snowden, qui aurait pourtant été très utile.

Deuxièment, malgré les atteintes manifestes portées à notre vie privée par la NSA – ce sera le débat suivant –, certains ici, souvent les mêmes dont je viens de parler, veulent passer l'éponge et défendent encore l'intérêt des grandes multinationales plutôt que ceux des citoyens.

Enfin, je regrette que la pseudonymisation ne soit pas considérée comme des données personnelles et ne rentre pas dans le cadre du texte qui sera voté demain.

Ce matin en Belgique, on concluait que le nombre de plaintes sur la violation des données avait doublé en un an. Entre la NSA prise la main sur l'écouteur à nous espionner et les grandes multinationales américaines, qui confondent données personnelles et données marketing, il est temps que les citoyens reprennent possession de ce qui leur appartient.

  Ruža Tomašić (ECR). - Gospođo predsjedavajuća, zaštita osobnih podataka veliki je izazov današnjice. Građani su meta agresivnih marketinških kampanja usmjerenih prema njima upravo na temelju njihovih osobnih podataka koje marketinške agencije koriste mimo njihove želje i njihovog pristanka.

Takvo curenje podataka nije karakteristično za državna tijela i institucije, ali u dijelu javnosti postoji druga bojazan koju izravno vezujemo uz državu. Veliki dio naših građana zazire od pojačanog nadzora i sumnja na neovlašteno i neutemeljeno korištenje represivnog aparata i tajnih službi kako bi se ograničila njihova građanska prava.

Ipak, bojim se da bi ovakav prijedlog direktive značajno otežao rad policije i obavještajnih službi. Zabrana obrade osobnih podataka koji se odnose na etničko i rasno podrijetlo te vjersku pripadnost predstavljat će veliki uteg pri istraživanju i procesuiranju ratnih zločina i terorističkih napada s obzirom da ti elementi u nekim slučajevima predstavljaju glavni motiv za takve zločine.

  Franz Obermayr (NI). - Frau Präsidentin! Wie wir wissen, weist die geltende Datenschutzrichtlinie viele Lücken auf. Sie ist leider Gottes in den verschiedenen Mitgliedstaaten auch unterschiedlich umgesetzt. Deswegen haben wir verschiedene Regelungen. Es gilt einerseits der Ort, an dem die Daten verarbeitet werden, und dann auch wieder das Recht des Ortes, an dem die Daten erhoben werden. Vor allem IT-Konzerne aus USA nützen diese Lücken. Sie lassen sich dort nieder, wo die Umsetzung der Bestimmungen sehr schleppend ist, vor allem in Irland. Diese Lücken müssen geschlossen werden.

Wir brauchen daher ein hohes Schutzniveau für sämtliche Formen der Datenverarbeitung. Die Regeln müssen auch für Verarbeiter in Drittstaaten gelten, wenn diese mit europäischen Daten umgehen. Soll der Zweck einer Datenverarbeitungsregelung geändert werden, so darf das nur mit Zustimmung der Betroffenen erfolgen.

Die Kommission hat wieder viele delegierte Rechtsakte eingebaut. Das ist auch abzulehnen, denn das gefährdet die Rechtssicherheit. Schließlich brauchen wir abschreckende und hohe Strafen, sonst bleibt der ganze Datenschutz der Union zahnlos!

  Silvia Costa (S&D). - Signora Presidente, onorevoli colleghi, per costruire uno spazio europeo dove il diritto alla privacy e alla protezione dei dati personali siano garantiti occorre approvare queste due normative integrate, perché si tratta di dare effettività a una nuova generazione di diritti e di tutele sulla rete.

È importante quanto si prevede, in particolare per tutelare i minori, sui quali abbiamo fatto degli emendamenti che sono stati recepiti, per il diritto alla cancellazione che è esteso anche ai paesi terzi, così come è importante che il campo di applicazione della direttiva non sia soltanto per i trattamenti transfrontalieri, ma anche all'interno.

Mi auguro che il Consiglio e la Presidenza prossima, che sarà poi italiana, si impegnino perché sia accelerata l'approvazione di questa importante direttiva, ma anche per giungere a una regolamentazione molto auspicata degli over the top operanti in Europa.

  Tonino Picula (S&D). - Gospodine predsjedniče, ovu raspravu vodimo dok još odjekuju afere u kojima se dokazano ugrožavalo pravo na privatnost, kao jedno od temeljnih prava građana Unije. Od usvajanja prve uredbe o zaštiti podataka do danas prošlo je gotovo 20 godina. Zakonodavstvo mora ići u korak s vremenom i obuhvaćati važna tehnološka dostignuća proteklih godina, poput razvitka društvenih mreža i skladištenja podataka na vanjskim poslužiteljima.

Podržavam prijedloge da regulacija ubuduće utječe na sve subjekte u Europskoj uniji, ali i organizacije izvan Unije koje koriste osobne podatke građana. Treba poticati koordinaciju zemalja članica kako ne bi došlo do neusklađenosti među njihovim zakonskim procedurama. Posebno bih pozdravio pažnju posvećenu zaštiti djece. Naglašavam i kako je korisnicima potrebno omogućiti kontrolu nad opsegom informacija koje daju. Potrebno je spriječiti tražitelje informacija da zahtijevaju informacije koje nisu neophodne za obavljanje usluge, a pogotovo ako odbijaju pružiti usluge bez davanja takvih informacija.

(Fin des interventions à la demande)

  Viviane Reding, Vice-President of the Commission. - Madam President, let me take one or two technical questions before I come to the conclusions. Concerning SMEs, some parliamentarians have raised concerns as to whether SMEs are well protected. I say that this reform is good for SMEs, because for those SMEs which do not operate cross-border, we have included a risk-based approach to data protection, which makes sense, because the safeguards a company has to apply have to be proportionate to the risk for data protection. For those SMEs which want to work cross-border, the reform opens the market. At the moment the fragmentation of the European market prevents SMEs from applying the same rules in each territory where they want to develop their business, which could mean 28 authorisations and 28 different laws to apply, so for SMEs and start-ups to be able to utilise the whole European space, this reform opens that space to them. It is estimated that it will make a saving of EUR[nbsp ]2.3 billion for most of these small companies.

Some parliamentarians have also raised the question of health. I do not want to go into party polemics on this, but let me just stress that the Commission proposal includes specific rules on data processing in the area of health. It says that, in very specific research circumstances, data can be processed without the consent of the individual concerned. This very specific rule is justified, in my view, because of the crucial general interest which medical research brings to society. I believe that the Commission’s proposal should be maintained on this point, as it strikes a balance between protecting citizens’ rights in a very delicate domain and facilitating the indispensable research which saves lives. I hope that the negotiators in the trilogue will find a balance in this field which can please those who want to preserve the individual and those who want to preserve research.

Concerning the directive, we in this House should never forget that the freedom and security of our European citizens are two sides of the same coin. They are two policy objectives that should be pursued in parallel. One cannot advance without the other, and one should not eliminate the other. That is why the Commission answered the European Parliament’s call to present a reform that would apply to the private sector as well as to the law enforcement domain. I believe that, in light of the NSA spying revelations, European citizens are more concerned than ever about the risk of abuse and the invasion of privacy, by institutions sometimes hiding behind security considerations. Law enforcement is not above the law.

By the way, speaking of directive and framework decisions, this House should know that the framework decisions will automatically become directives on 1[nbsp ]December this year, and for this change we do not need a parliament. I hope the European Parliament will go a step beyond the soon-to-be-obsolete intergovernmental method of pre-Lisbon times. That is what Parliament should do, and that is what I am pleading for. I think that is also what the citizens would like us to do. They will not understand how Parliament could oppose a directive which would protect citizens in the law enforcement domain, and that is why tomorrow I would really like to see a strong vote and a united Parliament backing both proposals – the regulation and the directive.

Ladies and gentlemen, tomorrow’s vote must bring us closer to ensuring that the European Union remains a gold standard setter for data protection worldwide, and it should give the European Parliament’s negotiators, who need to sit down and speak about every detail with the Council, a strong mandate for the future negotiations. It should make crystal clear that for Europe, and in Europe, data protection is much more than just a concept or a vague principle. Here we are speaking about a fundamental right, and we should back a fundamental right with a fundamental law. In this sense I congratulate the European Parliament on its strength and ambition. Let us not discuss details. Let us see the fundamental rights question. Let us go for it. European citizens expect nothing less and deserve nothing less.

  Dimitrios Kourkoulas, President-in-Office of the Council. - Madam President, honourable Members, I think I explained in my opening remarks the reasons why it has not been possible for the Member States and the Council to make more rapid progress, as everybody would have wished. During the Greek Presidency – our Presidency – which, as I said, is now in its tenth week, we have already organised ten meetings of the relevant working group.

At the informal ministerial meeting in Athens on 23[nbsp ]January there was clearly overall support for the approach of Chapter[nbsp ]5, on International Data Transfers, and Article[nbsp ]3, on the Territorial Scope of the Regulation. This support was confirmed at the Council meeting last week.

I agree with the rapporteurs, and also with the Vice-President of the Commission, that the Union must take the lead in the development of legislation on data protection. While working on this file, we of course also have to make sure of the high quality of the legal framework in order to meet the challenges posed by the rapid changes in information and communication technology and ensure a high level of protection of fundamental rights, as was rightly mentioned by Vice-President Reding. She also noted – and I want to underline this – the growth dimension of this proposal (this package), not just for SMEs but also for the integration of the internal market.

For all these reasons, the Greek Presidency is committed to progress on this file. I am sure that Parliament and the Council will be able to bring this file to a successful conclusion, with all our support. We are determined to push for conclusion. Our aim, for the time being, is to have a positive conclusion, at least partially, so that we can start the trilogue by the end of June.

  Dimitrios Droutsas, rapporteur. - Madam President, may I also thank my colleagues for their comments, their good words and also their support. I have also noticed with some satisfaction that all interventions today have reaffirmed the package approach and its importance. May I express the hope that colleagues will also confirm this with the vote tomorrow? After all, it is about our credibility: the credibility of the European Parliament vis-à-vis the European citizen. So may I once again appeal to colleagues to vote tomorrow in favour of both reports, the regulation and the directive. Of course I will follow what some colleagues have said, for instance Sophie in ‘t Veld or Carlos Coelho. The package presented is not perfect, this is clear. But it is the right step in the right direction, and we should take this into consideration. Most of all it will be a necessary and important message to our citizens that we are taking their concerns very much into consideration, especially in such difficult times – sensitive times – after the NSA scandal and all the other revelations. But our vote tomorrow will also send the necessary message to the Council and to Member States to speed up their preparations and come to the trilogue, so that we can finalise this package and present to our citizens a real and effective reform of the data protection package.

  Jan Philipp Albrecht, rapporteur. - Madam President, I would like to thank my colleagues who took part in this good debate.

In my final remarks, I would like to address some concerns – or rather, misunderstandings – which seem to be circulating. First, we do clearly differentiate small and medium-sized enterprises from bigger businesses. There are a number of points which lighten the burden for SMEs.

But we also have to change to a certain extent the approach when it comes to data processing, because it is not only the size of a company that might count, but also the volume of personal data being processed in a company. That is what we are trying to do in our compromise, for example with regard to data protection officers or to impact assessments. It is the risk which counts, and we have taken that into account.

Secondly, some publishers’ and journalists’ organisations fear that this regulation would make their work as journalists more difficult. That is not the case at all. The existing data protection law already provides for reconciliation of data protection and freedom of expression by the Member States, which is exactly what we ensure in Article[nbsp ]80. Nothing will change for journalists in this regard, and the same is true for other special professions, for example researchers and archivists.

By the way, with regard to health research, it is clear that we make an exception for this. We say that there is an exception for high public interest and that consent is not necessary. Health data is a sensitive case, and in any case we cannot allow people just to run into doctors’ offices to take our personalised private profiles. So it needs to be reconciled, and that is what we have tried to do.

My third and last point concerns the fact that a few Member States raised the fear that this regulation would replace the rules which decide whether personal data can be processed by public authorities. That is also not the case. On the contrary, this regulation even states explicitly that there have to be Member State laws for data processing by public authorities. That is why the regulation does not say which data can be processed by tax authorities or schools. The Member States have to decide this.

So this, in the end, is a good, proportionate and strong compromise. We hope that we can start negotiations with the Council directly after this Parliament has been reconstituted and you have found your position in Council.

  Axel Voss (PPE), Frage nach dem Verfahren der „blauen Karte“ an Dimitrios Droutsas. – Ich hatte um eine „blaue Karte“ zum Beitrag von Kollegen Droutsas ersucht, weil in den Redebeiträgen auch von der Kollegin in 't Veld immer wieder die Rede war vom Paketansatz und vom Mitbestimmen bei dieser Richtlinie. Man kann doch nicht ernsthaft annehmen, wenn man eine Fraktion bei einem Bericht völlig draußen lässt, dass man dann auch deren Zustimmung bekommt. Ich gehe davon aus, dass Sie auch nicht meinen, dass man das so machen kann.

  Dimitrios Droutsas (S&D), Antwort auf eine Frage nach dem Verfahren der „blauen Karte“ an Axel Voss. – Herr Voss, ich muss ehrlich gestehen, ich bin sehr, sehr verwundert über diese Aussage, die Sie getätigt haben. Nach zwei Jahren gemeinsamer Arbeit an diesem Paket – Verordnung und Richtlinie – jetzt zu behaupten, dass die Wünsche einer Fraktion hier im Hause nicht berücksichtigt worden sind, ist ein bisschen dreist, wenn ich das so offen sagen darf, insbesondere wenn von dieser Fraktion im Bereich der Richtlinie absolut keine Vorschläge auf den Tisch gelegt wurden, sondern nur eine reine Verzögerungstaktik verfolgt wurde, entsprechend der Verzögerungstaktik, die einige Regierungen einiger Mitgliedstaaten hier an den Tag gelegt haben.

  La Présidente. - La discussion commune est close.

Le vote aura lieu mercredi, le 12[nbsp ]mars[nbsp ]2014, à douze heures.

Déclarations écrites (article 149)

  Lidia Joanna Geringer de Oedenberg (S&D), na piśmie. – Nowe technologie umożliwiają dostęp do danych osobowych organom publicznym, w tym organom ścigania, jak i firmom i osobom prywatnym. Taki szeroki dostęp do informacji może prowadzić do licznych nadużyć, które zagrażają podstawowym prawom i wolnościom obywateli UE. Dlatego konieczne jest stworzenie kompleksowych i ujednoliconych ram prawnych w zakresie ochrony danych osobowych oraz zharmonizowanie różnych systemów istniejących obecnie w poszczególnych państwach członkowskich UE. Przedstawiona przez Komisję propozycja posiada jednak pewne niedociągnięcia w zakresie określenia jasnej definicji zasad ochrony danych, elementów dotyczących ich przechowywania, przejrzystości oraz aktualizacji. Ponadto niezbędne jest także usprawnienie organów ds. ochrony danych w zakresie monitorowania oraz oceny skutków nowej regulacji. Tylko trwały i spójny instrument może zapewnić pewność prawa oraz stworzyć warunki umożliwiające zaufanie do podmiotów odpowiedzialnych za przetwarzanie danych, zwłaszcza do organów ścigania i wymiaru sprawiedliwości. W podsumowaniu dodam, że prawo do ochrony danych należy dostosować do zadań państwa, a także trzeba zadbać o to, aby państwo było w stanie realizować te zadania w interesie wszystkich obywateli, nie nadużywając przy tym prawa do prywatności.

  Wojciech Michał Olejniczak (S&D), na piśmie. – Od kiedy Unia po raz pierwszy przedstawiła regulacje ochrony danych osobowych, internet stał się podstawowym medium przepływu informacji, a jego nowe funkcje mają szanse w najbliższej przyszłości zrewolucjonizować handel, administrację państwową czy kontakty społeczne. O ile jednak internet powstał jako sieć oparta w swym zamyśle na swobodnym dostępie i równych prawach wszystkich użytkowników, o tyle dziś obserwujemy niebezpieczną tendencję do koncentracji usług internetowych w rękach wielkich korporacji. Przypomnę, że te ostatnie już raz przyciągnęły naszą uwagę, gdy okazało się, że przedsiębiorstwa takie jak Facebook na wielką skalę uchylają się od płacenia podatków. Dziś musimy stanąć za każdym pojedynczym użytkownikiem Internetu, którego obawy względem bezpieczeństwa jego danych osobowych nierzadko zniechęcają do wymiany tych informacji czy korzystania z określonych usług. Popieram szeroki katalog nowych, jasnych definicji w odniesieniu do ochrony danych. Uważam też, że kluczowym elementem każdej regulacji w tym zakresie musi być element zgody użytkownika na przetwarzanie danych, wycofania tej zgody oraz usunięcia wcześniej przekazanych danych. Dane osobowe należy bezwzględnie traktować jako własność, a własność podlega ochronie. Sceptycznie odnoszę się również do praktyk profilowania, za pomocą których moim zdaniem korporacje próbują bocznymi drzwiami wprowadzić cenzurę internetu. Z całą mocą deklaruję swoje poparcie dla idei całkowicie wolnego internetu i wolnego wyboru konsumenckiego.

  Monika Smolková (S&D). - V čase elektronizácie verejného aj súkromného sektora je veľmi ťažko zabezpečovať ochranu fyzických osôb pri spracúvaní ich osobných údajov. Voľný pohyb osôb, tovaru a služieb ako jedna z vymožeností a práv občanov EÚ spôsobuje pri ochrane osobných údajov fyzických osôb veľké ťažkosti aj nejednotnou legislatívou v jednotlivých členských štátoch. V mojej krajine, na Slovensku, platí prísnejšia legislatíva, ako je európska, ktorou veľmi účinne chránime osobné údaje ľudí, zamestnancov, pacientov, klientov atď., ale protestujú podnikateľské a zamestnávateľské subjekty, pretože sa im zvýšili náklady na zabezpečenie ochrany osobných údajov. Preto je veľmi dôležité, aby osobné sa údaje poskytovali iba v nevyhnutne potrebnom objeme, aby pravidlá na ochranu osobných údajov boli v celej EÚ zosynchronizované a aby zneužívanie osobných údajov bolo sankcionované.

  Valdemar Tomaševski (ECR), raštu. – Pone Pirmininke, Europos Sąjunga planuoja sukurti modernius ir išsamius asmens duomenų apsaugos pagrindus, kurie turėtų užtikrinti aukšto lygio skaidrumą. Tai ypač svarbu greito technologinio vystymosi ir aukšto internetinio aktyvumo metu. Nepamirškime, kad veiksminga asmens duomenų apsaugos sistema Europoje visų pirma turėtų prisidėti prie kiekvieno Europos piliečio saugumo sustiprinimo. Modernios technologijos leidžia keistis bei rinkti duomenis neįtikėtinu mastu. Fiziniai asmenys vis dažniau viešai bei elektroniniu būdu pateikia savo asmeninius duomenis. Todėl Sąjunga privalo vienareikšmiškai nuspręsti dėl surinktų duomenų naudojimo kokybės ir masto bei dėl jų apdorojimo būdo. Keletas siūlomoje direktyvoje iškeltų problemų reikalauja išsamesnio paaiškinimo. Visų pirma, reikia aiškiai apibrėžti asmens duomenų apsaugos taisykles. Konkretūs asmens duomenų apdorojimo tikslai turėtų būti aiškūs, atitikti teisės aktus ir būti apibrėžti jų rinkimo metu bei apriboti iki būtino minimumo, atitinkančio jų apdorojimo tikslus. Be to, asmens duomenys turėtų būti apdorojami tik tada, kai to tikslo negalima pasiekti kitais būdais. Labai svarbu, kad būtų įvestas draudimas teisminėms institucijoms perduoti asmens duomenis privatiems subjektams Sąjungoje, išskyrus situacijas, kai to reikalauja ypatinga padėtis. Tačiau asmens duomenys jokių būdu neturėtų būti perdavinėjami ne Europos Sąjungoje esančioms institucijoms. Tokiu būdų išvengsime Orwell‘o visuomenės sukūrimo.