The proposed Regulation on the protection of personal data by European institutions and bodies aims to align the existing rules, which date back to 2001, with the newer and more stringent rules set out by the General Data Protection Regulation of 2016. Anyone whose personal data are handled by the European institutions or agencies will benefit from higher standards of protection.
International data protection
The proposed Communication sets out a strategic approach to the issue of international personal data transfers, which will facilitate commercial exchanges and promote better law enforcement cooperation, while ensuring a high level of data protection. The Commission will engage proactively in discussions on reaching “adequacy decisions” (allowing for the free flow of personal data to countries with “essentially equivalent” data protection rules to those in the EU) with key trading partners in East and South-East Asia, starting with Japan and Korea in 2017, but also with interested countries of Latin America and the European Neighbourhood.
In addition, the Commission will also make full use of other alternative mechanisms provided by the new EU data protection rules – the General Data Protection Regulation and Police Directive – to facilitate the exchange of personal data with other third countries with which adequacy decisions cannot be reached.
The Communication also reiterates that the Commission will continue to promote the development of high data protection standards internationally, both at bilateral and multilateral levels.
With the presentation of the proposals today, the Commission is calling on the European Parliament and the Council to work swiftly and to ensure their smooth adoption by 25 May 2018, when the General Data Protection Regulation will enter into application. The intention is to provide citizens and businesses with a fully-fledged and complete legal framework for privacy and data protection in Europe by this date.
IP Integration can help you prepare.