On October 21, the European Parliament’s Committee on Civil Liberties voted in favor of a directive that would strengthen data protection laws within the European Union and replace the 1995 Data Protection Directive that the Union is operating under.

The Commission originally proposed the new legislation in January 2012 and after 18 months of intense negotiations that resulted in over 4,000 amendments, a compromise was reached that is supported by all political parties.

According to European Justice Commissioner Viviane Reding, this legislation will not only benefit citizens by ensuring a high level of personal data protection but will also decrease costs for businesses by streamlining the various data policies in the 28 member states into one law for the European continent.

Since 1995, developments in the technology industry have drastically altered the means by which information is shared and stored but Europe’s data protection laws have not been revised in the last 17 years to accommodate these transformations.

When the 1995 Data Protection Directive was established, less than one per cent of Europeans reported frequent internet use. In today’s globalised and interconnected world, people leave digital footprints that can be shared in a matter of seconds.

A Eurobarometer survey reported that 70 per cent of Europeans fear that corporations or governments are misusing their personal data, which comprises any private, professional or public information regarding an individual. These concerns were only exacerbated by the revelation that United States intelligence agencies were prying into EU citizens’ personal information earlier this year, encouraging many member states to push for greater protection policies within the EU.

Europe’s data protection laws have not been revised in the last 17 years

Although the 1995 directive guaranteed data protection rights to individuals within the EU, its implementation lacked uniformity across member states, resulting in regulatory inconsistencies and a complex legal framework in which businesses had to operate. By replacing the 28 different data protection laws in the EU, the new directive will save companies a net value of €2.3 billion a year in administrative costs for each business will only report to the national data protection authority in the member State that holds its main enterprise.

The aim of the Commission’s 2012 proposal was to give individuals greater control over their personal information on the internet through measures such as enabling an individual to erase their digital profiles, requiring explicit (rather than assumed) consent for such data to be processed, increasing responsibility and accountability for those processing the data and applying the EU rules when citizens’ data is being processed internationally.

Both the Commission and the European Parliament emphasized the need to tighten security on the transfer of data outside the EU in order to ease concerns aroused by the US’s snooping activities. Therefore, any non-EU body that wants access to online data must now first receive the go-ahead from a European data authority.

Among the European Parliament’s 4,000 amendments was a higher fine for companies that do not comply with the regulations. MEPs called for a fine of equivalent to per cent of the company’s annual turnover or €100 million, whichever is greater, instead of the Commission’s proposed two per cent. Additionally, the Parliament changed the wording when discussing an individual’s fundamental right to delete personal information off the internet from the “right to be forgotten” to the “right to erasure”.

October 21 was therefore a red-letter day as a decisive step on the road towards a stronger and more coherent data protection policy within the EU was taken.

Further discussions on the new directive have occurred during the summit held in Brussels last week.

Negotiations with member states will now begin in the coming months in an attempt to get the legislation passed before the European Parliament elections in May 2014. Once the directive is passed, member states will have two years to complete the implementation of its measures.

Many believe this timetable is not feasible but, nonetheless, the European Union is working to ensure that its Charter of Fundamental Rights is upheld by giving individuals the right to data protection in all aspects of their lives.

David Casa is a Nationalist MEP.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.