Yesterday (21 October), the European Parliament's Civil Liberties Committee (LIBE) has adopted a report by rapporteur Jan Phillip Albrecht MEP. The report calls for a uniform Data Protection Regulation, replacing the 28 different regimes across Member States.
The main aim of the proposal is to protect citizens and consumers against large (Internet based) corporations abusing and selling on their data. Consumers will have the 'right of erasure' - which was changed from the original 'right to be forgotten' - and the way data is shared with non-EU countries, such as the US, will be significantly restricted.
The debate, which in recent months has been fuelled by alleged data breaches by US tech giants, as well as political matters such as the NSA affaire, has resulted in thousands of amendments to the original Commission proposal, making it a much more rigid deal. Any business for instance, regardless of its size, is expected to dedicate a data protection officer, once it holds a certain number of data subjects, which comes with an estimated cost of up to EUR 80.000
ESBA Secretary General Patrick Gibbels said: ''This proposal has long stopped being just about consumer protection and has grown into a European tour de force against US interference. The interests of our members seem to be of secondary to no importance in this debate. Micro and small businesses are carelessly accepted as collateral damage in this 'shock and awe' approach the LIBE committee is taking. Any business for instance, regardless of its size, is expected to have a dedicated data protection officer, once it holds a certain number of data subjects, which comes at an estimated cost of up to EUR 80.000. Obviously this will be detrimental to the smallest businesses and surely this is not what the European Commission had in mind when drafting the original proposal. We realise that times are changing and a revision of our data protection rules is of the essence, but not at the expense of our already struggling small businesses''.