The new data protection rules for EU institutions, bodies and agencies must cover all EU bodies to ensure strong and coherent data protection safeguards and avoid loopholes,
Parliament’s chief negotiator regrets that it has not yet been possible to reach a compromise with Council negotiators in the inter-institutional talks.
Parliament’s lead MEP on the new data protection rules for data processed by the EU institutions, Cornelia Ernst (GUE/ NGL, DE) said after the latest meeting with Council negotiators on Tuesday in Strasbourg:
“Our goal with this regulation is to create a single, unified framework for the protection of personal data by the EU institutions, bodies, offices and agencies. In order to achieve the best level of data protection for citizens, our rules have to function well together with those of the General Data Protection Regulation, which will be applied from 25 May 2018 by all governments and businesses in the EU.
- The same is true for EU agencies that are tasked with law enforcement. When from May 2018 the new EU rules will take effect, it is necessary that the rules for agencies like Europol and Eurojust will be harmonised and fit to work together with the rules that police all over the EU will use. That is why the Parliament insists that these agencies must be covered by this regulation. Excluding them, as the Council wants, will undermine the protection of personal data, because the rules will not match, and loopholes might occur. Excluding them will also hamper data exchanges between member states' police authorities and Europol, or between Frontex and Europol.
- I regret that the Council is unwilling to even discuss Parliament's position. All our proposals to find an agreement have been turned down citing time pressure and technical details. In law making, it is usually better to favour quality over speed.
- Parliament has done its utmost to come up with solutions, but we have never received any constructive proposals from the Council. It is our sincere hope that it will be feasible to reach a swift and viable compromise with the incoming Presidency in order to allow the new rules to come into force as quickly as possible”.
The Civil Liberties Committee passed its negotiation mandate on 12 October with a broad majority in favour.
The main rules on data protection in the EU institutions are laid down in a regulation from 2001. The new law aims to update these existing rules and bring them into line with the more stringent principles of the General Data Protection Regulation which will become applicable on 25 May 2018.