In January 2012, the European Commission drafted revisions to the 1995 EU Data Protection Directive, with the goal of updating the framework to fit the 21st century and thus boosting Europe's digital economy. The Commission sought to achieve this goal by not only making the rules more coherent (so the rules are applied uniformly across all 28 EU member states), but also by strengthening data privacy and user control over personal data.
The European Council has been working to get the law, dubbed the EU General Data Protection Regulation (GDPR), adopted by the end of 2015, but there have been some snags along the way. The foremost of these obstacles is the different interests of various groups involved in developing the regulation. "There is a gap between what the Council wants, which is data controller-friendly, and what the [European] Parliament wants, which is more friendly to data subjects, or citizens," Ian Walden, professor of information and communications law at the University of London, said to sister site ComputerWeekly. Walden and other experts had plenty more to say about the topic:
- In "EU data protection regulations won't make corporate life easier," Walden also talks about the complications created by treating personal data as property.
- And in "New EU data protection regulations are good for business," security firm Websense says the new rules will provide many benefits to businesses, but only if they start preparing for regulation compliance early.
More on EU data protection regulations: ComputerWeekly also covers how GDPR will push "privacy by design" top of mind for companies with European clients, and why the Information Commissioner's Office recommends that businesses not put off getting their data protection house in order.
Data source: European Commission fact sheet: "Data Protection Day 2015: Concluding the EU Data Protection Reform essential for the Digital Single Market"