Skip to content. | Skip to navigation

Personal tools
Sections
You are here: Home topics Data protection in the EU
Document Actions

Data protection in the EU

Under EU law, personal data can only be gathered legally under strict conditions, for a legitimate purpose. Persons or organisations which collect and manage your personal information must protect it from misuse and must respect certain rights of the data owners which are guaranteed by EU law. Common EU rules have been established to ensure that people's personal data enjoys a high standard of protection everywhere in the EU. You have the right to complain and obtain redress if your data is misused anywhere within the EU. The EU's Data Protection Directive also foresees specific rules for the transfer of personal data outside the EU to ensure the best possible protection of your data when it is exported abroad.

Code of Practice against disinformation
The European Commission published on 29 January the first reports submitted by signatories of the Code of Practice against disinformation signed in October 2018.

EU urges tech giants to step up fight against fake news
The EU Commission called on tech giants including Google, Facebook and Twitter Tuesday to intensify their efforts to crack down on disinformation in the run up to the 2019 European elections.

EU states agree better protection for whistleblowers
The EU is moving towards guaranteeing a high level protection to whistleblowers across a wide range of sectors, following agreement Friday by EU states' ambassadors.

EU-Japan data sharing agreement comes into effect
The EU Commission adopted Wednesday an 'adequacy decision' which allows personal data to flow freely between the European Union and Japan on the basis of strong protection guarantees.

A website has data responsibility for Facebook 'like' button: EU Court
A website's use of Facebook's 'Like' button, which processes users' personal data, makes the website jointly responsible for that stage of the data processing, says the EU top Court's Advocate General.

EU opens up free movement of non-personal data
EU ministers provided a boost to Europe's data economy Friday, signing off on a new directive aimed at removing obstacles to the free movement of non-personal data within the EU.

EU, Japan edge towards data protection deal
Following the July conclusion of EU-Japan talks on personal data flows, the Commission launched Thursday a procedure for adoption of its decision on data protection adequacy between the two blocs.

Digital rights open up for holidaymakers across EU
Following the end of roaming charges across the European Union last year, holidaymakers are now able to travel with their online TV, film, sports, music or e-book subscriptions at no extra cost.

Japan adequacy decision
The European Commission adopted on 23 January 2019 its adequacy decision on Japan, allowing personal data to flow freely between the two economies on the basis of strong protection guarantees.

Jehovah's Witnesses must comply with data privacy law: EU Court
The processing of personal data carried out by Jehovah's Witnesses during their door-to-door preaching must respect EU law on the protection of personal data, the EU's top court ruled on Tuesday.

EU agrees deal on free flow of non-personal data
The European Parliament, Council and Commission reached a political agreement late Tuesday on new rules that will allow data to be stored and processed everywhere in the EU without unjustified restrictions.

Free flow of non-personal data in the EU
The European Parliament, Council and the European Commission on 19 June reached a political agreement on new rules that will allow data to be stored and processed everywhere in the EU without unjustified restrictions.

Data protection - Rules for the protection of personal data inside and outside the EU
The General Data Protection Regulation (GDPR), the Data Protection Law Enforcement Directive and other rules concerning the protection of personal data, as well as authorities tasked with enforcement.

GDPR - what changes after May 2018
The General Data Protection Regulation rules will apply as of 25 May 2018. They will bring several improvements to deal with data protection violations in the future.

The new EU Data Protection Regulation - rules for European businesses
The EU's General Data Protection Regulation (GDPR) - which applies as of 25 May 2018 - will make it easier for companies to do business across the EU. The new law will help businesses fully benefit from the digital economy throughout the EU's Digital Single Market.

Seven steps to get ready for the GDPR
his guide aims to help those companies that do not handle personal data as a core business activity, such as SMEs that mainly deal with personal data of their employees or have lists of clients and customers. This includes for instance traders or shops, such as a bakery or a butcher, or service providers like architects. This guide highlights the few steps that need to be taken to get ready for the GDPR.

EU states must be ready for new data protection rules, says Brussels
With new EU data protection rules set to come into force on 25 May, the European Commission has published guidance to help Member States prepare for the changes and provide support to businesses.

2018 reform of EU data protection rules
Stronger rules on data protection mean people have more control over their personal data and businesses benefit from a level playing field.

General Data Protection Regulation - background guide
The data protection reform package which entered into force in May 2016 and will be applicable as of May 2018 includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.

Talks set to remove barriers to free flow of data in Europe
A draft proposal to allow non-personal data to move freely across borders, removing unjustified restrictions on the geographical location for storing and processing data, was agreed Wednesday by EU states.

Restrictions to Cross-Border Data Flows: a Taxonomy
Strict privacy regimes, requests to use local data centres and outright bans to transfer data abroad are a few examples of policies imposed recently that restrict data from crossing national or regional borders. This paper is the first one to propose a comprehensive taxonomy of these restrictions, which has a bearing on international trade law. Restrictions on cross-border data flows may affect countries’ legal commitments under various trade agreements, including the General Agreement on Trade in Services (GATS). This taxonomy can be the basis of further legal and economic research to assess the legitimacy and necessity of these under international trade law.

Privacy activist can sue Facebook, but no class action: EU Court
Austrian privacy activist Maximilian Schrems can sue Facebook Ireland before the Austrian Courts with respect to the private use of his Facebook account, an EU Court advisor said Wednesday.

EU-US Privacy Shield review finds room for improvement
The EU- U.S. Privacy Shield is doing a good job in protecting the personal EU personal data but there is some room for improving its implementation, the Commission says in its first annual review.

Annual Review of the EU-U.S. Privacy Shield
The European Commission published on 18 October its first annual report on the functioning of the EU- U.S. Privacy Shield, the aim of which is to protect the personal data of anyone in the EU transferred to companies in the U.S. for commercial purposes.

EU targets end to data localisation
The EU Commission proposed a framework for the free flow of non-personal data Tuesday, highlighting the removal of data localisation restrictions as key to unlocking the potential of Europe's data economy.