Following the adoption of the EU Data Protection Regulation by the Council of Ministers last week, today saw the first meeting of the European Commission, European Parliament and Council of Ministers under what is known as the trilogue process, with the aim of negotiating the final wording of the Regulation.
From the press statement today, the European Commissioner for Justice, Věra Jourová, indicated that the Commission, Council and Parliament agree on the main elements of the Regulation, including:
- the need for a single set of rules on data protection, valid across the EU;
- reinforced rights for data subjects;
- the same rules for companies from within and from outside the EU;
- a strong and effective one-stop shop mechanism; and
- that the 1995 Data Protection Directive provides the minimum level of data protection needed to guarantee such reform.
During the meeting, the negotiators reaffirmed their commitment to finalise the Regulation by end of this year and agreed on a “roadmap” for the upcoming meetings. While the full details of the roadmap were not released, the draft agenda for further trilogue meetings to reach final agreement on Chapters in the Regulations includes:
- 14 July 2015: territorial scope (Article 3) and international transfers (Chapter V);
- September: principles (Chapter II); rights of the data subject (Chapter III) and controller and processor (Chapter IV);
- October: data protection authorities (Chapter VI); cooperation and consistency (Chapter VII) and remedies, liabilities and sanctions (Chapter VIII);
- November: general provisions, such as objectives and material scope (Chapter I) and specific regimes (Chapter IX); and
- December: delegated and implementing acts (Chapter X), final provisions (Chapter XI) and other remaining issues.