After many setbacks and delays in developments for EU data protection reform (see our previous blogs on the first European Parliament vote delay and subsequent vote pushback), October was an exciting month of progress. The Ministers in the Council agreed on a centralised, one-stop-shop mechanism for data protection, and the European Parliament voted in favour of the proposed new data protection regulation and directive. However, all this enthusiasm came to nothing, with European Council Conclusions revealing that the reformed EU Data Protection Framework is not to be adopted until 2015 – long after the next European Parliament elections in May 2014.
Hopes for a swift reform have further been dampened by recent announcements (13/1027 and 13/1029) by Vice President of the European Commission Viviane Reding, following the EU Justice and Home Affairs Council meeting on 6 December 2013.
Reding’s most recent announcements condemn the Council and the Lithuanian Presidency for failing to seize the opportunity to ultimately deliver on EU data protection reform. Reding blames further delay on the Council getting caught up in the legal complexities regarding the one- stop-shop mechanism, rather than progressive political discussion. The Council previously agreed to the concept of a one-stop-shop principle in October, subject to a few further clarifications as to how the mechanism would ensure proximity between individuals and the nominated leading supervisory authority. Concerns about facilitating this proximity have not been resolved and new concerns have arisen about how data subjects will be granted effective redress under this mechanism. Reding despairs that the Council’s legal service has reopened questions already resolved and agreed upon in October.
When asked about the meeting on 6 December, she commented “We were almost there! Today we have moved backwards; instead of seeing the wood for the trees, Ministers have got bogged down in details, meaning that even after three months of discussions on the one-stop-shop principle there is still no workable solution on the table. I have always been vocal calling for a swift agreement on data protection reform, but today I must say not at any cost, I cannot support a reformed framework with a one-stop-shop that would become an empty shell. This Council has been a missed opportunity.”
Reding deplores the back-pedalling witnessed throughout the Lithuanian Presidency, and calls for the incoming Greek Presidency to take the reins and put progress for reform back on track. The incoming Greek Presidency seem equally as keen to conclude discussions and provide a swift solution for reform, with 10 days of meetings on data protection already scheduled on the agenda.