European Union wants a universal approach to data protection

EUROPEAN UNION (EU) Commissioner for Justice Vivianne Reding has proposed that EU member states should have a unified approach to data protection in place of national laws.

Speaking at a data protection conference at the American Chamber of Commerce of the European Union, Reding revealed that she will propose a legislative package next year to deliver a pan-European approach to data protection.

She said that there are three main challenges companies face under existing data protection laws, including fragmented rules across different European countries that make compliance considerably more expensive for businesses. The other two hurdles are the negative effect of a lack of law coherency on competitiveness and diminished consumer trust in companies since laws protect different levels of privacy from country to country.

"To address all of these challenges, the European Commission will propose a comprehensive data protection reform," Reding said. "To help businesses, I want to provide consistency and coherence. We need legal certainty and a level-playing field for all businesses that handle personal data of our citizens."

She said that there should be "one law and one single data protection authority" for each business and that this should be the law and authority of the EU member state where the business is primarily based. She said that once this rule is established other member states should recognise that law and authority and not require additional national authorisation.

Reding also wants to enhance Europe's overall approach to data protection, putting individuals in control of their information. She said that businesses must be more transparent about the use of people's information, user consent needs to be explicitly given when it comes to the collection or storage of personal data, users should be given more control over their data, including the right to move or delete it, and businesses should inform people of data breaches as swiftly as possible.

She added that data protection authorities also need sufficient powers and resources to enforce these laws.

"Everyone expects a strong, consistent and future-proof framework for data protection, with consistent rules across all Member States and across all Union policies," Redding added. "And I am determined to deliver." µ