Are Data Protection Changes Delayed?

By: Richard Beaumont | Friday, November 1, 2013 | Tagged: Data Protection Regulation | Leave Comment

There has been much talk in privacy circles this week about a delay to the schedule for bringing the new EU Data Protection Regulation into force.

The vote of the draft by the LIBE committee, passed on October 21st, contained a commitment to get agreement by April 2014 – before elections in May.

However, a few days later, a document (PDF) put out by the European Council, following a leaders summit, led to a lot of reports that a decision had been made to delay until 2015, to allow more time for negotiation.

UK Prime Minister David Cameron appeared to be making political capital out of being responsible for the delay – though other countries, Sweden and Germany in particular also appear to be backing it.

A closer reading of the Council Report however leaves much room for uncertainty.  The crucial statement reads:

The timely adoption of a strong EU General Data Protection framework and the Cyber-security Directive is essential for the completion of the Digital Single Market by 2015.

Others have commented that what this means is that DPR must be in place before the Digital Single Market initiative can be finalised.  The target for that is 2015 – so the DPR needs to be agreed before that.

Separately both the Commission, in the shape of Vivienne Reding, and MEPS like Jan Phillip Albrecht, who guided the Regulation through the LIBE vote, say they are committed to April 2014.

What this really tells us is that a lot of politicking is going on around this issue, and nothing is really set in stone either way.

However, various sources who follow these things closely think that there are too many powerful EU figures who want to see this through before May 2014 – and it is therefore still more likely to happen on that timescale than not.

What does this mean?  If you want to play things safe, don’t hold out for a delay.  Whatever happens there will likely be a 2 year lead –in period for compliance with the new rules, but that time will go by very quickly for a lot of people.

Tag Cloud