EU’s one-stop-shop legislation for data protection to be finalised by year’s end

28 Jan 2014

Although the European Council is “deadlocked” and “bogged down in detail” regarding proposed one-stop-shop legislation for data-protection laws, MEP Sean Kelly said the landmark laws will be finalised by year-end.

Speaking at the National Data Protection Conference 2014 to mark Data Protection Day, the Ireland South MEP said the European Parliament is due to vote on the matter on 11 March.

Meanwhile, the European Council is deadlocked, he said.

“Nevertheless, negotiations between Parliament and Council commence in June, with a view to having the data protection law finalised by year-end. This is arguably the landmark law of the last five years of EU law-making, as it will have a direct effect on the lives of each every one of the 508m EU citizens.”

Kelly pointed to the key issues of consent – ‘unambiguous’ or ‘explicit’ consent, the need to reduce the bureaucratic burden on SMEs, press freedom and health research.

“I welcomed the inclusion by the Commission of the exemption for SMEs for a mandatory data protection officer for SMEs with fewer than 250 employees and for whom data processing was not a core business function. 

“There’s some concern about the potential curtailments to health research data sharing from academics and research institutions.  As with press freedom, I believe that this section can be improved in the negotiations to be held with the Council of Ministers.”

The Snowden affair

Kelly also highlighted the “decisive” impact of the Edward Snowden US National Security Agency leaks on the data protection debate.

“One of the immediate outcomes was the insertion of a draft of an Article that had been dropped by the Commission, the so-called Article 42a. It stipulates that foreign intelligence services must liaise with the domestic services and DPAs of a member state through Mutual Legal Assistance Treaties, or M-LATs, should they wish to mine data. 

“One of the spill-overs of the NSA/Snowden affair, which could have a negative impact on the Irish economy, is the issue of the Safe Harbour agreement. This agreement allows the free transfer of data out of the EU to US servers and is monitored and enforced by the US Federal Trade Commission. 

“There are on-going calls to scrap this agreement by many MEPs in the Parliament.”

He said he does not agree with this position, however, as it would lead to great uncertainty in the transatlantic economy without improving the protection of EU citizens’ privacy in the short to medium term. 

“I would rather see a renegotiation of it along the lines of the 13-point plan proposed by the European Commission recently,” he added.

European Parliament image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years