European data protection regulations are about to get a much tougher. The new Data Protection Regulation (GDPR), currently in trialogue discussions between the European Parliament, Commission and Council is due to be finalised by the end of the year. It is the biggest update to EU Privacy law since the 1990s – a pre-Internet Age!
The regulation will see new definitions of “personal data” as well as binding requirements in the case of data breaches. As a regulation it will be uniformly applied across the EU, but national data protection agencies (DPA) will have a huge job with enforcement. How DPAs will coordinate with one another is still a grey area, making it difficult for businesses to get their policies in order in anticipation of the law.
Chapter 5 and Article 3 on territorial scope and international data transfers were quickly wrapped up by the negotiators. Chapters 2 on data protection principles, including the grounds for processing and the conditions for consent, and 3, on data subject rights including the rights of individuals, the right to be forgotten and the provisions on profiling are more complicated. With fines increasing to much more than a slap on the wrist, the question of enforcement is a big one.
Since the ECJ Schrems ruling, many are asking how international businesses can cope with differing rules in the EU and US. Smaller businesses are scared that compliance costs will soar and citizens need a clear procedure to follow when something goes wrong.
Tackling all these questions in our ViEUws discussion are Jan Philipp Albrecht, the European Parliament Rapporteur and regulator, and Wojciech Wiewiórowski, the deputy European Data Protection Supervisor.
Jan Philipp Albrecht MEP
Greens Group, Rapporteur Data Protection Regulation and Vice-Chair of the Committee on Civil Liberties, Justice and Home Affairs (LIBE)
Jan Philipp Albrecht is spokesperson for Justice and Home Affairs of the Greens/EFA in the European Parliament. During his first mandate between 2009 and 2014 he was a member of the Committee on Civil Liberties, Justice and Home Affairs (LIBE) and a substitute member of the Committee on Legal Affairs (JURI).
From December 2012 to October 2013 he was the Green group’s coordinator in the Special Committee on Organised Crime, Corruption and Money Laundering (CRIM). He was rapporteur for the opinion of the Committee on Legal Affairs on the proposal for a directive on the right of access to a lawyer in 2011.
From 2003 until his election to the European Parliament in 2009, Jan Philipp Albrecht studied law in Bremen, Berlin and Brussels and specialised in IT law at the Universities of Hanover and Oslo. Since 1999 Jan Philipp Albrecht has committed himself to the Greens in a wide range of contexts. Thanks to his efforts to promote data protection, the former federal spokesman of the Young Greens in Germany (2006 – 2008) has rapidly gained a reputation within the European Parliament as an expert on home affairs, justice and legal affairs. Jan Philipp Albrecht was born on 20 December 1982 in Braunschweig.
Assistant Supervisor, EDPS
Wojciech Wiewiórowski has been Assistant European Data Protection Supervisor since December 2014. He was appointed by a joint decision of the European Parliament and the Council on 4 December 2014 for a term of five years.
Before his appointment, he served as Inspector General for the Protection of Personal Data at the Polish Data Protection Authority, a position which he had held since 2010. He was also Vice Chairman of the Working Party Article 29 Group.
Send in your questions using the hashtag #viEUwsTech on Twitter to join the discussion! Selected questions will be asked to the panellists during the 13 November live discussion.