Yesterday, the European Commission released a draft strategy for the protection of individuals’ data entitled “A comprehensive approach on personal data protection in the European Union”. The strategy is the result of public and stakeholder consultation throughout 2009 and 2010. While the protection of personal data is currently a hot topic, this strategy is not the first time the European Commission has addressed issues of data protection and electronic privacy. In 1995, the European Union release the Data Protection Directive (95/46/EC), which was a milestone in the EU’s protection of personal data. The Directive, however, has struggled to keep up with the rapid pace of technological advancement, particularly in the area of social media.
The new strategy appreciates the challenges of modern technology and recognizes that the protection of electronic information cannot be seen as a purely national concern. The strategy focuses on the strengthening of individual rights, through the provision of control and autonomy over one’s own personal data, and aims at providing users with greater information about who has access to their data and when such data has been viewed. Most interestingly, the strategy calls for a “right to be forgotten” whereby individuals have the right to completely remove their data from electronic forums, such as social networking sites, if and when they no longer want to participate.
The goal of the Commission is to propose a new general legal framework by mid-2011 that will protect personal data in the EU for all sectors. Currently, the EU has left the door open for public response with the deadline for comment set as January 15, 2011.