Sergii Figurnyi - Fotolia
Member of the European Parliament’s Civil Liberties, Justice and Home Affairs Committee (LIBE) have passed amendments to new EU rules on the processing of personal data by EU institutions.
The update of the existing law from 2001 is aimed at strengthening and modernising the rules by bringing them into line with the General Data Protection Regulation (GDPR) which was adopted in 2016, with the deadline for compliance set for 25 May 2018.
MEPs emphasised that the new rules should cover not only the EU institutions, but also bodies, offices and agencies to ensure a strong and coherent framework for data processing throughout the EU.
The new rules are aimed at ending the fragmentation of the rules for data processing by EU agencies, including those in the law enforcement sector.
To this end, MEPs included a specific set of rules for processing law enforcement data that is in line with the directive on data transfers for policing and judicial purposes, which was adopted at the same time as the GDPR and rules currently used by Europol.
To further strengthen transparency, MEPs want all EU institutions and bodies to establish their own central register of data processing and make the register publicly accessible. The MEPs also set clear provisions to limit the use of the data processed and to minimise data stored, specifying that inaccurate data should be erased or rectified without delay, in line with the GDPR.
The MEPs said the European Commission should be obliged to consult the European Data Protection Supervisor when preparing new legislative proposals. They also support the European Data Protection Supervisor being able to fine EU institutions, bodies or agencies that do not live up to the data protection rules.
Read more about the GDPR
- Government to strengthen UK data protection law.
- The GDPR is not only relevant to CISOs and DPOs, and has a massive impact on businesses.
- There is no time for businesses to delay in preparing for the GDPR, says the UK privacy watchdog.
- Businesses should be forging ahead with preparations to comply with the EU General Data Protection Regulation regardless of Brexit, says the Information Commissioner’s Office.
“Most importantly, we want a single unified framework for processing personal data by EU institutions, bodies and agencies to ensure not only a high level of data protection, but also clarity for the individuals whose data is being processed,” said Cornelia Ernst, Civil Liberties Committee member and German MEP.
The Civil Liberties Committee passed the amendments to the new regulation by 45 votes to seven, with six abstentions. MEPs also voted to open up talks with the European Council. The decision will now be put to the Plenary in October for confirmation.