Skip to main content
 
 

EU Data Protection Regulation Negotiators Agree on Fines

CSR Thoughts...

Keep an eye on CSRPS.com.  We will continue to monitor the progress of this impactful EU privacy regulation changes.

12/15/2015

Source: 

Bloomberg BNA

After nearly four years of wrangling, the European Union today reached agreement on final text of a new data protection framework law designed to harmonize how the 28 EU member states handle privacy compliance and enforcement.

The regulation final text dramatically increases sanctions with fines of up to four percent of a company's global income, two people familiar with talks say. The sources asked not to be identified because officials are still discussing other parts of the package of privacy laws set to be approved later today, they said.

The final text must also be resolved on issues regarding:

  • data subject consent to the collection and use of their information; and
  • exceptions from data protection rules for data used in scientific research.

EU officials Dec. 14 released the nearly final text of the GDPR as it stood before today's negotiations with the items to be resolved highlighted in yellow.

The European Commission, the EU's executive arm, proposed the General Data Protection Regulation (GDPR) in January 2012 to replace the bloc's now over 20-year-old Data Protection Directive (95/46/EC).

Closed-door trialogue talks to agree on the final text of the GDPR are taking place between negotiators from the Council of the EU—which represents EU member states—the European Parliament and the European Commission.

The agreement is subject to a ratification vote in the parliament's Civil Liberties, Justice and Home Affairs Committee (LIBE).