One Year and Loads of Data Later, Where are We? An Update on the Proposed European Union General Data Protection Regulation
Journal of Internet Law (Vol. 16 No. 10) -- Aspen Publishers Inc.-- Wolters Kluwer Law & Business, Vol. 16, No. 10, April 2013
13 Pages Posted: 21 Feb 2015
Date Written: April 1, 2013
Abstract
This article reviews the European Union’s Proposed General Data Protection Regulation (GDPR) one year after the European Commission proposed it. Reactions to the GDPR from EU Member States, the Article 29 Data Protection Working Party (WP29), the relevant European Parliament committees and the Council of the European Union are analyzed and the legislative action on the GDPR to date is traced. Furthermore, proposed amendments to the GDPR by the leading parliamentary committee – Civil Liberties, Justice and Home Affairs (LIBE) -- are detailed, notably in the areas of expanded scope of the GDPR, personal data breach notifications, consent to and legitimate bases for processing, data portability and the right to be forgotten, data protection officers (DPOs), and cross-border data transfers, among others. Finally, steps to prepare for the eventual adoption of the GDPR are set out.
Keywords: data protection, data security, personal data, European Union legislation, European Union regulation, data breach notification, general data protection regulation, data protection directive, European Commission, LIBE committee, European Parliament, Article 29 Working Party
JEL Classification: K02, K22, K33
Suggested Citation: Suggested Citation