Ministers hand over data protection powers to pan-EU regulator
Fri 13 Mar 2015
EU ministers have voted today in support of a new system which will seek to resolve cross-border data protection issues as part of the Union’s wider reforms surrounding data security and privacy.
28 justice ministers from the 28 EU member states passed the proposed ‘One Stop Shop’ data programme [PDF] during a meeting at the Council of Ministers in Brussels this morning. The majority of countries agreed with the “partial general approach” covered in the framework, but some parties raised concern that the 58-page framework was too complex and the lengthy bureaucracy could have a negative impact on both businesses and consumers.
Before the system was agreed upon, data protection law expert Marc Dautlich said that the proposal had been “a mess” and fell shy of original plans.
The one stop shop aims to smooth the process of ensuring data protection across the EU. As it currently stands, companies with operations in different member nations must answer to data protection authorities (DPAs) in each country, therefore leading to multiple investigations over the same case and potentially different resolves.
In order to address this inconsistency, the European Commission (EC) proposed a data protection one stop shop system to facilitate the process and provide one regulatory body to handle the issues. DPAs will also have a say in cases where the privacy rights of their country’s citizens have been breached.
However, some members were concerned that the new mechanism would not align with the ‘proximity test’ – an EU law whereby legal decisions must be made as locally to the case as possible. Others argued that the programme would encourage businesses to setup their operations in countries with more lenient data protection regulations.
For this eventuality, a compromise system was also put in place through which only cross-border cases of weightier importance would be dealt with by the one stop shop.
Dara Murphy, Ireland’s minister for European affairs and data protection, said that the new procedure would be too “cumbersome” and would risk sending a message that Europe is “bureaucratic.” Murphy has called for a “review clause” to ensure that the effectiveness of the one stop shop is fully assessed once it comes into force.
UK Justice Minister Lord Faulks said that he was “not content” with the new procedure, and that he was “disappointed” that there were no “quantative filters” in the proposals to limit the referral of cases to the European Data Protection Board (EDPB). Lord Faulks also argued that the “bureaucratic process” would lead to delays and increased expense.
The UK supports Ireland’s proposal for a review clause of the new Regulation.
