The existing European data protection regime, encompassing a web of national laws and based primarily on a directive (which has indirect effect in each of the EU Member States, meaning national legislation was required to implement the provisions of the directive, something which has led to a variety of legislation across the EU), dates back to 1995 (Directive 95/46/EC). The original draft of the DPR that will replace the existing regime and update the European privacy regime, was published by the European Commission in January 2012, with the European Parliament adopting its first reading positions on the proposals for the DPR in March 2014. When it comes into effect, the DPR will apply directly in each Member State (that is, without the need for any local enabling legislation, and in the same way in each Member state), as well as in those European Economic Area States which adopt the DPR directly.
Some of the key proposals endorsed by the Council on the DPR include:
Now that the Council has reached agreement on their version of the DPR, negotiations can commence between the European Commission, the European Parliament and the Council (this is known as the “Trilogue process”). The first Trilogue meeting will take place on June 24.
Final adoption of the DPR is expected by the end of 2015 or early 2016, which will then come into force in European member states automatically two years after the final agreed DPR text is published in the Official Journal of the European Union.
For more information on the matters discussed in this Locke Lord QuickStudy, please contact the authors.
Sign up for our newsletter and get the latest to your inbox.