News and events

Political Agreement Reached on the EU Data Protection Reform


On 15 December 2015, an informal agreement was reached on the EU Data Protection Reform (“Reform”) in the final round of talks between the European Commission, the European Parliament, and the Council of the European Union. The long-awaited overhaul of EU data protection rules has been underway since 2012, when the European Commission put forward the Reform with a view of making Europe fit for the digital age.

The Reform consists of two instruments – the General Data Protection Regulation (“GDPR”) and the Data Protection Directive for Police and Criminal Justice Authorities (“Directive”). The Directive pursues better cooperation between law enforcement authorities, whereas the GDPR seeks to reinforce citizens’ control over their personal data while also simplifying the regulatory environment for businesses as well as stimulating economic growth. While the official texts of the GDPR and the Directive are yet to be released, it is certain that the Reform will have a significant impact on how businesses can collect and process personal data. Most notably, the GDPR introduces a stricter definition of consent, direct liability for data processors as well as controllers, and considerably higher administrative fines for data protection violations. In addition, the one-stop-shop approach means that businesses will only have to deal with one single supervisory authority in the EU.

The final texts of the GDPR and the Directive are scheduled for formal adoption at the beginning of 2016. The new rules will become applicable two years thereafter.

More news

Back to News and Events »