EU Issues Overview – 12 – 18 December 2015 Thumbnail
Newsletters 28 December 2015

EU Issues Overview – 12 – 18 December 2015

Data protection

EU: Negotiators reach informal agreement on the proposed EU data protection rules

  • On 15 December, the European Commission, the European Parliament and the Council of the European Union negotiators reached an agreement on the proposed overhaul of the EU data protection rules, backing the General Data Protection Regulation (GDPR) and a Directive on data handling in law enforcement. The GDPR will replace the current patchwork of national rules with a single set of provisions designed to increase people’s control over their data.
  • The GDPR will create a one stop shop mechanism, allowing companies that operate across the EU, to deal with a single data protection authority, instead of 28.
  • The text stipulates that companies breaching the provisions of the new Regulation could receive fines of up to 4% of their global annual turnover.
  • The question of consent divided the negotiators for a long-time. Under the agreement, the consent consumers give to organisations so that they can legally process their data should be unambiguous, which would require a clear affirmative action. An explicit consent would need to be given for processing of sensitive personal data and for profiling. EU Member States will be entitled to decide to set the limit for parental consent for personal data use anywhere between 13 and 16 years of age. The Regulation will require companies processing sensitive data on a large scale or collecting information on many consumers to appoint a data protection officer.
  • The GDPR will require companies to report data breaches to authorities within 72 hours and potentially also informed the individuals concerned.
  • Commenting on the agreement, EU Justice Commissioner Věra Jourová stated that citizens and businesses will profit from clear rules fit for the digital age.
  • On 17 December, the Parliament’s Civil Liberties Committee (LIBE) voted to adopt the informal agreement reached on the GDPR. The Committee of Permanent Country Representatives in the EU is expected to approve the informal deal next week. A plenary vote of the European Parliament will follow suit in early 2016. This could pave the way for the new rules to apply as of 2018.

EU: A two-year implementation period for the GDPR

  • There will be a two-year implementation period of the GDPR due to the complexity of the provisions and the necessity to define guidelines and ensure uniform approach.
  • Commissioner Jourová explained that the first year of the implementation will be used to set up guidelines on sanctions for data breaches for national DPAs. The Commission will closely work together with Article 29 Working Party. A campaign to inform EU citizens and business about their rights and obligations will be rolled out in the second year of the implementation. The Commissioner indicated that there is a strong interest for this kind of initiative in Germany and Austria.

EU: No new framework for transatlantic data transfers until all EU concerns addressed

  • Commenting on the ongoing negotiations on a new framework for transatlantic data transfers, EU Commissioner Jourová stated that there will be no deal until all EU concerns are addressed. The Commissioner explained that she will not propose for the Commission to take a unilateral decision establishing a new EU-US data deal before making sure that there are all necessary safeguards on the American side.
  • Alongside the definition of limitations for security authorities to request data, enforcement has been described as the most difficult point.

Open Internet

Germany: Social platforms pledge to speed up deletion of hate speech

  • On 15 December, German Federal Minister of Justice Heiko Maas announced that Facebook, Google and Twitter signed up to a task force against online xenophobia and racism and pledged to delete hate speech from their websites within 24 hours.
  • Germany has been pushing for web companies to do more to tackle hate speech online. A Bitkom survey unveiled that every second Internet user has read or encountered an example of racial slurs or threats of violence while using the web.

Additional Insight:

The German government wants to create a centralized agency on digital policies, a spokesperson of the German Federal Ministry for Economic Affairs and Energy confirmed. The agency would have the lead on the competition, market and consumer protection aspects of digital questions. The plan to create a centralized digital agency is part of an initiative called “More Security, Sovereignty and Self-Determination in the Digital Economy” presented in October. However, there are currently no plans to centralise decision-making at the ministry level – the ministries of Economics, Interior and Transport share decision-making powers on digital policy.


EU: ENISA analyses privacy enhancing technologies and proposes assessment model for online tools

  • The European Network and Information Security Agency (ENISA) presented the results of its study on privacy enhancing technologies (PETs). The Agency stated that while there is an increasing number of online tools designed to protect privacy when using the Internet and mobile applications, their functionality is often not in line with users’ expectations.
  • The report looked into the definition of the current level of information and guidance that is provided to the general public, and presented a proposal for an assessment model for online privacy tools.

EU: Public consultation launched on PPP on cybersecurity

  • On 18 December, the European Commission launched a public consultation on how to best set up a Public-Private Partnership (PPP) on cybersecurity. The stakeholders are invited to answer the questionnaire until the 11 March 2015.
  • The European Commission is expecting input on cybersecurity risks and threats that people and businesses in Europe are facing; cybersecurity market conditions in Europe and PPP technical priorities for research and innovation.
  • Along with the consultation, the Commission also published a Roadmap outlining different policy options that would help the European cybersecurity industry grow. Already the global market is expected to be worth around $100 billion by 2018.
  • Currently the cybersecurity market is fragmented and driven at national levels. The European Commission hopes to build trust among its members to tackle the fragmentation. The PPP is the first step in making industries and government work together and enabling them to build common silos creating a basis for increased cooperation.

Digital Single Market

EU: Draft report on Digital Single Market adopted by IMCO and ITRE Committees

  • On 15 December, the European Parliament’s Industry and Internal Market Committees adopted a draft report which provides the Parliament’s response to the Digital Single Market Strategy. The non- legislative document entitled “Towards a digital single market act “ was drafted by MEP Kaja Kallas (ALDE, Estonia) for the ITRE Committee and MEP Evelyne Gebhardt (S&D, Germany) for the IMCO Committee.
  • In the text, the two Committees expressed their concerns with regards to some Member States pursuing different approaches towards regulating the Internet and the sharing economy. The report highlighted the opportunities that new technologies, such as big data or cloud computing, could create for the EU economy and society.
  • With regards to the regulation of online platforms, the Committees called on the European Commission to establish whether potential issues related to online platforms could be resolved by a proper application of the existing rules. The MEPs also said that unjustified geo-blocking practices, which limit consumers’ access to services and goods based for example on IP address should stop.
  • The European Parliament will vote in plenary on the report in January.

UK: minister warns against intervening in online platforms

  • Baroness Neville-Rolfe, Under Secretary of State at the Department for Business, Innovation and Skills, warned against rushing regulation on online platforms, highlighting that the current framework provides appropriate tools to deal with competition issues.
  • The European Commission is currently looking into the role of online platforms. A public consultation runs until the end of December 2015.

Related articles

Newsletters 3 April 2020

Kilima: Highlights from ISOC Africa – March 2020

Africa Regional Bureau Newsletter for March 2020

Newsletters 3 February 2020

Kilima: Highlights from ISOC Africa – January 2020

Africa Regional Bureau Newsletter for January 2020

Newsletters 12 December 2019

Kilima: Highlights from ISOC Africa – November 2019

Africa Regional Bureau Newsletter for November 2019