{"id":10742,"date":"2013-01-31T13:18:38","date_gmt":"2013-01-31T13:18:38","guid":{"rendered":"http:\/\/inprogress.hiig.de\/?p=10742"},"modified":"2019-02-19T17:08:45","modified_gmt":"2019-02-19T16:08:45","slug":"the-making-of-the-eus-data-protection-regulation","status":"publish","type":"post","link":"https:\/\/www.hiig.de\/en\/the-making-of-the-eus-data-protection-regulation\/","title":{"rendered":"The making of the EU\u2019s Data Protection Regulation"},"content":{"rendered":"

As anyone who deals with draft bills knows, those involved need to have a lot of staying power. The proposed European Data Protection Directive is a case in point. Ever since the EU Commission in Brussels tabled its initial draft regulation (Verordnungsentwurf (PDF))<\/a> in January 2012, there have been countless public discussions, debates and negotiations, for example as to whether the regulations should apply to an equal extent to public and private data processors or under which circumstances data processors have a \u201clegitimate interest\u201d in saving personal data without the explicit consent of the person concerned. Also: Which penalties should be imposed for violating the rules and for which offences can people be prosecuted in the first place?<\/em><\/p>\n

It helps to take a look at how the legislation process works on EU level and what stage the reform of the Data Protection Regulation has reached, in order to find one\u2018s way through this maze of discussions.
\n<\/b><\/b><\/p>\n

The triad of EU institutions involved in the legislative process: the European Commission, European Parliament and the European Council<\/h3>\n

In legislative procedures of this kind, the European Commission has what is referred to as the power of initiative, with which a legislation process commences. It availed itself of this right at the beginning of 2012 by tabling the aforementioned draft data protection regulation. Regulations are powerful instruments in the EU because they take immediate effect in all Member States \u2013 as opposed to directives, which first have to be implemented in the form of national laws. A Data Protection Directive has been in existence since 1995, from the early days of the Internet, in other words.<\/p>\n

The Regulation, however, can only be passed when both the Council of the European Union and the EU Parliament have voted in favour. The Council comprises the representatives of all 27 Member States, whereas the EU Parliament is elected by the European citizens. The two committees have a maximum of three attempts (readings) of the regulation. If no consensus is reached, a meeting of the Conciliation Committee is convened.<\/p>\n

The Council and the Parliament are currently reviewing the draft bill submitted by the Commission and working on amendments. Feedback can be expected in March. But how do the numerous contributions to the text and all the contrasting opinions evolve to become a Regulation?
\n<\/b><\/b><\/p>\n

Who is working on the text?<\/h3>\n

The Parliament<\/strong><\/p>\n

There are five Parliamentary panels<\/a> discussing the Data Protection Regulation, each submitting their relevant arguments. The Civil Liberties, Justice and Home Affairs Committee (LIBE<\/a>) plays a leading role. It also provides the Rapporteur: Jan Philipp Albrecht<\/a> of the Green Party (Die Gr\u00fcnen). It is Albrecht\u2019s responsibility to collate the opinions put forward by the participating committees and assemble them as far as possible and in such a way that the report submitted by his committee may serve as a proposal to be put to the vote at the next parliamentary session.<\/p>\n

The first draft<\/a> put forward by Albrecht on 16 January 2013 accordingly attracted a great deal of media interest. But it is still only a draft proposal. Observers point out that some of the statements issued by the other four panels contained opposing views which Albrecht had failed to address. In the end, the individual stances on the question of consent, for example, differed widely. So the next few weeks leading up to the indicative vote of the LIBE Committee scheduled for the end of March are very important. By then it is hoped that a more cohesive text will be available.
\n<\/b><\/b><\/p>\n

The Council<\/strong><\/p>\n

There is just one working group that deals with the Data Protection Regulation in the Council of the European Union, but it consists of representatives from all 27 countries: the Working Party on Information Exchange and Data Protection (DAPIX). The group operates under Ireland\u2019s EU Presidency and is reportedly organising the process in a very determined manner. The Irish Government sees the genesis of a Data Protection Regulation as a precondition for promoting the European online market<\/a> \u2013 one of the goals it has set itself for its term of presidency.<\/p>\n

For the time being, meetings take place on desk officer level in order to obtain an insight into the different points of view \u2013 although, admittedly, no agreement on individual aspects has so far been forthcoming. The first joint official statement is not likely to be issued by the EU Council until March.
\n<\/b><\/b><\/p>\n

Springtime \u2013 time to show one\u2019s colours<\/h3>\n

We will have to wait until the spring to find out who is forming a coalition with whom on the subject of data protection and whether the EU Parliament and Council will back the same wording for the Regulation. To speed matters up, the two committees want to arrange another meeting to negotiate critical issues in a smaller circle (Trialogue) before the text is read out in Parliament for the first time.
\n<\/b><\/b><\/p>\n

Ultimate clarity in data protection remains improbable<\/h3>\n

Anyone who thinks that there will be less talk about data protection once the first European Data Protection Regulation has been passed \u2013 perhaps in 2014<\/a> \u2013 is mistaken, however. Because, at the latest when local courts have to rule on the first incidents and problems crop up when it comes to interpreting the norms, they will pass the cases on, and it will be up to the European Court of Justice to provide clarity.<\/p>\n