Data protection authorities (DPAs) are expected to agree a common legal framework for global data protection laws...
The framework, which will require changes to national laws, will provide individuals with a greater degree of protection, both for personal and attributable information worldwide, according to Peter Hustinx, the European data protection supervisor.
Speaking at the European Network and Information Security summer school, Hustinx said the text of the framework is stable and DPAs have voiced support for the measure, which will be put to their global conference in Madrid in November.
The new measures will take into account technology advances such as cloud computing and offshoring.
Companies which collect and use personal data will have to ensure that personal information has the same level of protection wherever it is processed or stored as it would in the data collector's home nation.
Hustinx said he expects this protocol to become a global practice in the light of cloud computing and off-shoring.
He also expects the law to have a ripple effect in boardrooms as no one would be able to offset their responsibilities to third parties. "If you collect the data you are responsible for it, no matter who processes or stores it."
Hustinx said it was also likely that the protocol would be adopted by the United Nations and Organisation for Economic Cooperation and Development, among others, making it globally enforceable.
This would require some changes to laws that govern trans-border data flows. This would be simplified and clarified, he said.
There is a push to improve protection for individuals' privacy and this is likely to gain momentum since Irish passed the Lisbon treaty, Hustinx said.
There is now competition between various European commissioners to be the lead on privacy. A new commissioner for privacy and human rights might emerge as a result, he said.