In a vote today, the European Parliament has given its formal approval to its version of the new European Data Protection Regulation. With an approval given by 621 for, 10 against, 22 abstentions, the path is now set for the next phase of negotiation and agreement concerning the proposals.

Although many groups will be pleased with the outcome, there remains concern in the business community on the practical implications of implementing the text in its current draft form. The process of determining the final framework of the reform is now dependent upon agreement being reached at Council level, with Member States still seemingly far away from a consolidated approach. Outstanding issues include the approach to third country data transfers, the use of automated profiling, the obligations of the controller and processor and the concept of the ‘one-stop-shop’, amongst others.

The objective which has now been set in the European Union is to seek agreement at Council level before the Ministerial meeting scheduled in June 2014, with a view to establishing a common position at this point. By keeping to this timetable, the process of the trilogue negotiation between the three EU institutions can commence to find an agreed approach to the new legal framework after the summer recess period this year.