General Data Protection Regulation

The General Data Protection Regulation is a planned regulation of the European Union, with the rules for the processing of personal data by private companies should be EU-wide unified. This should ensure that within the European Union, on the other hand the free movement of such data shall be guaranteed within the European internal market on the one hand, the protection of personal data. The General Data Protection Regulation is part of the proposed EU data protection reform, which the European Commission presented on 25 January 2012.

With the regulation, the right to be forgotten and the right to data portability should be introduced. You should also apply to companies that have their registered office outside the European Union, contact us with their offers but to EU citizens. Affected would include U.S. companies like Facebook and Google, which currently fall under the Safe Harbor Agreement. The commitment of the European Commission for the General Data Protection Regulation, is also interpreted as a failure of the Safe Harbor.

The General Data Protection Regulation is to replace the Dating back to the 1995 Directive 95/46/EC ( Data Protection Directive). Contrary to Directive 95/46/EC, which had to be implemented by the EU Member States into national law, the General Data Protection Regulation is directly applicable without implementing act in all EU Member States. Member States will therefore not be possible to weaken the requirements laid down by the regulation data protection by national regulations or strengthen.

Criticism

Experts warn that the General Data Protection Regulation privacy insofar weakness, as the current draft provides for example, the internal data protection officer and internal documentation requirements only at companies over 250 employees. Smaller companies would then offer no such protection mechanisms. On the other hand, the Institute of the disclosure of consumer data to competitors ( data portability ) will not only affect providers such as Facebook, but also work for smaller companies.

The Federal Council brought an action on March 30, 2012 subsidiarity objection against the proposed regulation. Countries Board considers that the proposal with the principle of subsidiarity is not consistent and therefore contrary to Article 5, paragraph 3, TEU. Under this provision, the European Union must in the areas which do not fall within its exclusive competence, act only if and insofar as the objectives of the proposed action by the Member States can not be sufficiently achieved, but on reason of the scale or effects of EU level, be better achieved.

Many sites also often vague and unclear wording of the draft was criticized. The draft also many elementary rules are not in the basic regulation, but in " delegated acts " shall be inserted by the EU Commission.

Under the negotiated resolution of the European Parliament, the criticisms have been largely resolved.

Lobbying

Around the negotiations of the General Data Protection Regulation criticized MEP massive lobbying on the part of the U.S. government and U.S. IT companies. Technology companies in the United States, therefore, fear the negative impact of regulation on their operations in Europe and practiced corresponding pressure on the government of U.S. President Obama made ​​. So asked the American Ambassador to the EU William E. Kennard, in a speech in Brussels on 4 December 2012 that the central demands of the Regulation must be deleted: delete all the data of a person from the consolidated database at the request and the express written consent of a person before their data can be collected at all.

From American companies a California Effect is feared by the EU legislation. Similar to stricter laws in California raise the minimum standard in the U.S., it is expected that the higher standards in the EU would raise the level of protection for all companies operating worldwide. While so far only financial and health data are subject to a certain protection in the United States, the acquisition and merging of all other data collected and their unlimited storage is allowed by private corporations. American civil rights organizations saw improvements in the standards in the U.S. and therefore support the plans in the EU.

The platform LobbyPlag.eu shows that many amendments from MEPs in the European Parliament verbatim and from lobby papers from companies such as Amazon, eBay, the lobby group " Digital Europe " with the members Google, Microsoft, Cisco, Intel, IBM, Oracle, Texas Instruments Dell or were taken over by the U.S. American chamber of Commerce. Among other things, these were the MPs Malcolm Harbour (ECR ), Andreas Schwab ( CDU / EPP ), Klaus -Heiner Lehne (EPP) or Marielle Gallo ( EPP). On the other hand, the platform also highlighted word equal overs from the documents of data protection organizations such as Bits of Freedom and EDRi by deputies as Amelia Andersdotter or Eva Lichtenberger EFA.

The competent LIBE Committee of the European Parliament on 3100 amendments were introduced in relation to the EU Commission's draft finally. In general, most social democratic and green MPs offered their services for amplification or clarification of the design, while the most conservative and liberal deputies strongly made ​​for a solution in the sense of the IT industry.

Lobbyplag drew up a list of MPs who, in the light of these amendments submitted, most emphatically for less privacy, and those who advocated for more privacy. As of early June, Axel Voss EPP / CDU brought for the softening of data protection therefore most one, in the strengthening of data protection was seen Jan Philipp Albrecht EFA / Greens in the first place. Both were introduced in amount per 147 amendments in favor of softening or strengthening of data protection.

Method

After long negotiations, a draft of the Irish Presidency in June 2013 failed in the Council of the European Union. Among other things, the representative of Germany, Britain and France signed up numerous concerns. The targeted positioning before the summer break so could not afford both the Council and Parliament. The negotiations on the Regulation will persist. On 21 October 2013, the European Parliament adopted the Interior and Justice Committee 's worked out through the Green MEP Jan Philipp Albrecht negotiating position with an overwhelming majority and confirmed on March 12, 2014 by the plenary.