EU Data Protection Reform: Council Agrees on General Principles and the "One-Stop-Shop" Mechanism

On 13 March 2015, the EU Council of Ministers reached a partial general approach on specific issues of the draft regulation setting out a general EU framework for data protection, on the understanding that nothing is agreed until everything is agreed. The partial general approach includes the chapters and the recitals concerning the "one-stop-shop" mechanism (chapters VI and VII) as well as the chapter and the recitals relating to the principles for protecting the personal data (chapter II).

"One-Stop-Shop" Mechanism

In October and December 2013, the Council already expressed its support for the principle that, in important transnational cases, the regulation should establish a "one-stop-shop" mechanism in order to arrive at a single supervisory decision, which should be fast, ensure consistent application, provide legal certainty and reduce the administrative burden. This is an important factor to enhance the cost-efficiency of the data protection rules for international business, and so to contribute to the growth of the digital economy.

According to the text agreed, the one-stop-shop mechanism should only play a role in important cross-border cases and will provide for cooperation and joint-decision making between several data protection authorities concerned. The text clarifies that the jointly agreed decision will be adopted by the data protection authority best placed to deliver the most effective protection from the perspective of the data subject.

Principles for Protecting Personal Data

Regarding the general principles of data processing, Ministers have endorsed a set of principles for lawful, fair and transparent data processing. An emphasis has been put on processing of special categories of personal data. The text includes also measures for processing on the basis of consent.

Aim of EU Data Protection Reform

The data protection legislative reform aims at creating a more rigorous and coherent data protection framework in the EU, backed by strong enforcement that will allow the digital economy to develop across the internal market, put individuals in control of their own data and provide for greater legal and practical certainty for economic operators and public authorities. Data protection in the European Union is a fundamental right. The EU data protection reform seeks to ensure a very high level of protection of personal data.

(ga)

Council of the EU, General Data Protection Regulation - The one-stop-shop mechanism (Chapters VI and VII), 6833/15 of 9 March 2015

Council of the EU, General Data Protection Regulation - Principles (Chapter II), 6834/15 of 9 March 2015

EU Council, Press Release 114/15 of 13 March 2015

EU Council site on Data Protection Reform