Data protection guides

European Digital Identity - guide — 08 November 2023, 23:00 CET

With a view to ensuring a trusted and secure digital identity for all Europeans, the EU Council presidency and European Parliament representatives reached on 8 November a provisional agreement on a new framework for a European digital identity (eID).

EU-US Data Privacy Framework - guide — 10 July 2023, 23:33 CET

On 11 July, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework. The adequacy decision concludes that the United States ensures an adequate level of protection - compared to that of the EU - for personal data transferred from the EU to US companies participating in the EU-U.S. Data Privacy Framework. The adequacy decision follows the US' signature of an Executive Order on ‘Enhancing Safeguards for United States Signals Intelligence Activities', which introduced new binding safeguards to address the points raised by Court of Justice of the European Union in its Schrems II decision of July 2020. Notably, the new obligations were geared to ensure that data can be accessed by US intelligence agencies only to the extent of what is necessary and proportionate, and to establish an independent and impartial redress mechanism to handle and resolve complaints from Europeans concerning the collection of their data for national security purposes.

GDPR Procedural Regulation: stronger enforcement of the GDPR in cross-border cases - guide — 04 July 2023, 22:05 CET

The European Commission proposed on 4 July new rules to support the effectiveness and efficiency of enforcement of the General Data Protection Regulation (GDPR) in cross-border cases. The GDPR Procedural Regulation aims to streamline cooperation between data protection authorities (DPAs), by harmonising some aspects of their administrative procedures in cross-border cases.

Data Act - guide — 11 January 2024, 22:17 CET

Today, the European Data Act entered into force on 11 January 2024. The new rules define the rights to access and use data generated in the EU across all economic sectors and will make it easier to share data, in particular industrial data.

EU data protection rules 2-year review — 24 June 2020, 23:56 CET

Two years after its entry into application, the European Commission published on 24 June an evaluation report on the General Data Protection Regulation (GDPR).

The shape of Europe's digital future — 19 February 2020, 17:49 CET

The European Commission unveiled on 19 February its strategy for a society powered by digital solutions that put people first, opens up new opportunities for businesses, and boosts the development of trustworthy technology to foster an open and democratic society and a vibrant and sustainable economy.

Code of Practice against disinformation — 29 January 2019, 23:39 CET

The European Commission published on 29 January the first reports submitted by signatories of the Code of Practice against disinformation signed in October 2018.

Japan adequacy decision — 23 January 2019, 21:13 CET

The European Commission adopted on 23 January 2019 its adequacy decision on Japan, allowing personal data to flow freely between the two economies on the basis of strong protection guarantees.

Free flow of non-personal data in the EU — 21 June 2018, 20:32 CET

The European Parliament, Council and the European Commission on 19 June reached a political agreement on new rules that will allow data to be stored and processed everywhere in the EU without unjustified restrictions.

General Data Protection Regulation - background guide — 21 May 2018, 18:50 CET

The data protection reform package which entered into force in May 2016 and will be applicable as of May 2018 includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.

Annual Review of the EU-U.S. Privacy Shield — 18 October 2017, 20:38 CET

The European Commission published on 18 October its first annual report on the functioning of the EU- U.S. Privacy Shield, the aim of which is to protect the personal data of anyone in the EU transferred to companies in the U.S. for commercial purposes.

Data protection reform package — 24 May 2017, 15:35 CET

The EU data protection reform package entered into force in May 2016 and will be applicable as of May 2018. It includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.

Exchanging and Protecting Personal Data in a Globalised World — 12 January 2017, 23:17 CET

The European Commission is proposing new legislation to ensure stronger privacy in electronic communications, while opening up new business opportunities.

EU-U.S. Data Protection "Umbrella Agreement" - questions & answers — 01 December 2016, 14:46 CET

The EU-US data protection "Umbrella Agreement", given the green light by the European Parliament on 1 December, puts in place a comprehensive high-level data protection framework for EU-US law enforcement cooperation.

EU Data Protection Regulation: Where do businesses need to take action now? — 01 July 2016, 00:20 CET

After a protracted negotiation and design phase, the EU General Data Protection Regulation (GDPR) was adopted by the European Parliament on 04/14/2016 and entered into force on 05/24/2016. After 20 years, data protection law is at a whole new level and particularly uniform for the European Union.

EU-U.S. Privacy Shield legal texts — 29 February 2016, 13:47 CET

The European Commission issued on 29 February the legal texts that will put in place the EU-U.S. Privacy Shield as well as a Communication summarising action taken to restore trust in transatlantic data flows since the 2013 surveillance revelations.

EU-US Privacy Shield — 02 February 2016, 18:49 CET

The European Commission and the United States agreed on 3 February a new framework for transatlantic data flows: the EU-US Privacy Shield.

EU-US data protection "Umbrella agreement" — 09 September 2015, 00:29 CET

The EU has finalised negotiations with the United States on high data protection standards for transatlantic law enforcement cooperation. The finalisation of the Umbrella Agreement negotiations is seen as an important step to strengthen the fundamental right to privacy effectively and to rebuild trust in EU-US data flows.

Stronger data protection rules for Europe — 15 June 2015, 23:41 CET

Ministers in the Justice Council sealed on 15 June a general approach on a European Commission proposal on the Data Protection Regulation. Modern, harmonised data protection rules will contribute to making Europe fit for the digital age and are a step forward to the EU Digital Single Market. Trilogue negotiations with the Parliament and the Council will start in June; the shared ambition is to reach a final agreement by the end of 2015.

Guidelines on the re-use of public sector information — 17 July 2014, 16:26 CET

The European Commission published on 17 July guidelines to help EU Member States benefit from the revised Directive on the re-use of public sector information (PSI Directive). These guidelines explain for example how to give access to weather data, traffic data, property asset data and maps. Open data can be used as the basis for innovative value-added services and products, such as mobile apps, which encourage investment in data-driven sectors.

Data-Driven Economy — 02 July 2014, 14:57 CET

With data collection and exploitation on the increase, the European Commission has responded to industry and grass-roots demands by calling on national governments to wake-up to this “big data” revolution.

The Data Retention Directive — 08 April 2014, 19:07 CET

The Data Retention Directive was adopted in the aftermath of the terrorist attacks in Madrid in 2004 and London in 2005 as there was a sense of urgency to harmonise the European efforts to investigate and prosecute the most serious crimes.

Restoring Trust in EU-US data flows — 27 November 2013, 13:53 CET

The European Commission has set out actions to be taken in order to restore trust in data flows between the EU and the U.S., following deep concerns about revelations of large-scale U.S. intelligence collection programmes, which have had a negative impact on the transatlantic relationship.

EU-US agreement on the transfer of Passenger Name Record (PNR) data — 27 November 2013, 13:39 CET

In 2011 the EU and the US agreed on a new PNR Agreement regulating the transfer of Passenger Name Record (PNR) by air carriers to the US. This agreement entered into force on 1 July 2012, replacing the previous one from 2007. It provides for a first joint review one year after its entry into force and regularly thereafter.

Data protection rules: backing from European Parliament Industry committee — 20 February 2013, 22:31 CET

The European Parliament’s Industry, Research and Energy Committee (ITRE) has given its backing to Commission proposals to reform the EU’s data protection rules which date back to 1995. The vote on the Committee’s opinion, drafted by Member of the European Parliament Seán Kelly, is the latest step towards a swift adoption of the proposed legislation. The Committee’s opinion – which covers the draft general Data Protection Regulation – will now be submitted to the Civil Liberties, Justice and Home Affairs Committee (LIBE), which will consolidate all the amendments submitted so far and vote on its own report at the end of April.