Europe Adopts Sweeping EU Data Protection Law
The European Parliament approved new and stronger data protection rules designed to give EU residents greater control over personal information and setting minimum standards for how data can be used for police and judicial purposes. Member states would still have…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
two years to implement the general data protection regulation (GDPR), which has been in development since 2012 and is the first major update to data protection in more than 20 years (see 1512160001). The new regulation "makes a high, uniform level of data protection throughout the EU a reality," said European Parliament member Jan Philipp Albrecht, of the Greens/European Free Alliance and Germany, in a Thursday news release. "This is a great success for the European Parliament and a fierce European 'yes' to strong consumer rights and competition in the digital age." GDPR gives EU citizens more control over their information such as the "right to be forgotten" and capability of more easily transferring personal data between service providers. They will also get clearer information about how their data is used. Adoption was hailed by consumer and privacy groups. BEUC-the European Consumer Organisation, an alliance of 41 independent national consumer groups from 31 European countries, said in a statement the law opens "a new chapter for data protection" but isn't the end of the story. "There is work ahead to ensure a successful application of the new rules and guarantee that the EU effectively continues to be a role model for data protection in the world,” said David Martin, BEUC senior legal officer. But, Rob Atkinson, president of the Information Technology and Innovation Foundation, called GDPR a "mistake," in a statement. He said its "provisions will be onerous in practice -- like trying to sail with an anchor overboard." He said "businesses, entrepreneurs, civil society groups, and government all will have an unduly hard time using data to start new ventures, expand well-established ones, or enrich European citizens’ lives by discovering solutions to challenges in health care, education, or the environment." Policymakers have time to craft a more appropriate framework "for a modern data economy" before GDPR is implemented, Atkinson said.