The EU Parliament passed new data protection reform on April 14, 2016

The EU Parliament passed new data protection reform on April 14, 2016

Key points of the new rules at a glance

Data protection as a fundamental right of citizens

  • Easier access to your own data: You will be better informed about the way the data is processed. This information must be clear and understandable.
  • Right to data portability: Personal data can be transferred more easily from one provider to another.
  • A clarification of the "right to be forgotten": If the data subjects do not want their data to be further processed and there are no legitimate reasons for their storage, the data must be deleted.
  • The right to know whether data has been hacked: Companies and organizations must, for example, B. inform the national supervisory authority of serious data protection breaches as soon as possible so that users can take appropriate action.


Clear, modern regulations for companies

In today's digital economy, personal data has acquired enormous economic importance, especially in the area of big data. By unifying European data protection standards, lawmakers have created business opportunities and opportunities for innovation.

  • One continent, one law: The regulation creates a uniform set of rules that makes it easier for companies to do business in the EU and saves costs.
  • Single point of contact: Companies now only have to deal with a single supervisory authority. This will save an estimated 2.3 billion euros per year.
  • European rules on European soil: Companies based outside Europe must follow the same rules when offering services in the EU.
  • Risk-based approach: The new rules introduce an obligation tailored to the respective risks instead of a complex, general obligation.
  • Innovation-friendly rules: The regulation ensures that data protection guarantees are built into products and services from the earliest development phase (“data protection through technology”). Privacy-friendly techniques such as pseudonymization are promoted to take advantage of big data innovations while protecting privacy.

Advantages for little ones and for big ones

The data protection reform will stimulate economic growth through lower costs and less administrative burden, especially for small and medium-sized enterprises (SMEs). The EU data protection reform is intended to help SMEs penetrate new markets. Under the new rules, the administrative burden for SMEs will be reduced in four ways:

  • Removal of the reporting obligation: Notifications to the supervisory authorities are a formality that costs companies EUR 130 million every year. The reform completely eliminates the reporting requirement.
  • Every cent counts: if requests for access to data are clearly unfounded or disproportionate, SMEs will be able to charge fees for providing access in the future.
  • Data protection officer: SMEs are not obliged to appoint a data protection officer unless data processing is their core business.
  • Impact assessment: SMEs are not required to carry out an impact assessment unless there is a high risk.

Protection of personal data in law enforcement

  • Better law enforcement cooperation: The new Police and Criminal Justice Data Protection Directive will allow law enforcement authorities in Member States to share investigative information more efficiently and effectively. They will also be able to work better together to combat terrorism and other serious crime in Europe. The Directive takes into account the specific needs of law enforcement, respects the different legal traditions of the Member States and is fully consistent with the Charter of Fundamental Rights.
  • Better protection of our citizens' data: Personal data is better protected when processed for law enforcement purposes, including crime prevention. The protection applies to everyone – regardless of whether they are a victim, a criminal or a witness. Data processing in the Union's police authorities and public prosecutor's offices must comply with the principles of necessity, proportionality and lawfulness and be accompanied by appropriate safeguards to protect the individual. It is subject to supervision by independent national data protection authorities and effective legal protection must be ensured. The Police and Criminal Justice Data Protection Directive sets out clear rules for the transfer of personal data from the EU to ensure that the data protection guaranteed to individuals in the EU is not undermined.

Source: EU-Aktuell v. April 14, 2016

EU new small

We use cookies

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.

Ok Decline
More information | Imprint