Skip to content. | Skip to navigation

Personal tools
Sections
You are here: Home topics Data protection in the EU
Document Actions

Data protection in the EU

Under EU law, personal data can only be gathered legally under strict conditions, for a legitimate purpose. Persons or organisations which collect and manage your personal information must protect it from misuse and must respect certain rights of the data owners which are guaranteed by EU law. Common EU rules have been established to ensure that people's personal data enjoys a high standard of protection everywhere in the EU. You have the right to complain and obtain redress if your data is misused anywhere within the EU. The EU's Data Protection Directive also foresees specific rules for the transfer of personal data outside the EU to ensure the best possible protection of your data when it is exported abroad.

The new EU Data Protection Regulation - rules for European businesses
The EU's General Data Protection Regulation (GDPR) - which applies as of 25 May 2018 - will make it easier for companies to do business across the EU. The new law will help businesses fully benefit from the digital economy throughout the EU's Digital Single Market.

Seven steps to get ready for the GDPR
his guide aims to help those companies that do not handle personal data as a core business activity, such as SMEs that mainly deal with personal data of their employees or have lists of clients and customers. This includes for instance traders or shops, such as a bakery or a butcher, or service providers like architects. This guide highlights the few steps that need to be taken to get ready for the GDPR.

EU states must be ready for new data protection rules, says Brussels
With new EU data protection rules set to come into force on 25 May, the European Commission has published guidance to help Member States prepare for the changes and provide support to businesses.

2018 reform of EU data protection rules
Stronger rules on data protection mean people have more control over their personal data and businesses benefit from a level playing field.

General Data Protection Regulation - background guide
The data protection reform package which entered into force in May 2016 and will be applicable as of May 2018 includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.

Talks set to remove barriers to free flow of data in Europe
A draft proposal to allow non-personal data to move freely across borders, removing unjustified restrictions on the geographical location for storing and processing data, was agreed Wednesday by EU states.

Restrictions to Cross-Border Data Flows: a Taxonomy
Strict privacy regimes, requests to use local data centres and outright bans to transfer data abroad are a few examples of policies imposed recently that restrict data from crossing national or regional borders. This paper is the first one to propose a comprehensive taxonomy of these restrictions, which has a bearing on international trade law. Restrictions on cross-border data flows may affect countries’ legal commitments under various trade agreements, including the General Agreement on Trade in Services (GATS). This taxonomy can be the basis of further legal and economic research to assess the legitimacy and necessity of these under international trade law.

Privacy activist can sue Facebook, but no class action: EU Court
Austrian privacy activist Maximilian Schrems can sue Facebook Ireland before the Austrian Courts with respect to the private use of his Facebook account, an EU Court advisor said Wednesday.

EU-US Privacy Shield review finds room for improvement
The EU- U.S. Privacy Shield is doing a good job in protecting the personal EU personal data but there is some room for improving its implementation, the Commission says in its first annual review.

Annual Review of the EU-U.S. Privacy Shield
The European Commission published on 18 October its first annual report on the functioning of the EU- U.S. Privacy Shield, the aim of which is to protect the personal data of anyone in the EU transferred to companies in the U.S. for commercial purposes.

EU targets end to data localisation
The EU Commission proposed a framework for the free flow of non-personal data Tuesday, highlighting the removal of data localisation restrictions as key to unlocking the potential of Europe's data economy.

Data protection reform package
The EU data protection reform package entered into force in May 2016 and will be applicable as of May 2018. It includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.

Euro-MPs address new online privacy rules
A European Parliament committee is working on new privacy rules which would take account of new practices such as internet-based messaging and allow users better control of their privacy settings.

Exchanging and Protecting Personal Data in a Globalised World
The European Commission is proposing new legislation to ensure stronger privacy in electronic communications, while opening up new business opportunities.

Skype, WhatsApp face tighter EU e-Privacy laws
Services such as Skype and WhatsApp would need to respect similar e-Privacy rules to those for traditional phone and text messaging services under plans to update EU data privacy rules unveiled Tuesday.

Euro-MPs greenlight EU-US data protection agreement
The European Parliament gave the green light Thursday to the EU-US 'Umbrella Agreement' on the protection of personal data exchanged across the Atlantic for the purposes of law enforcement.

EU-U.S. Data Protection "Umbrella Agreement" - questions & answers
The EU-US data protection "Umbrella Agreement", given the green light by the European Parliament on 1 December, puts in place a comprehensive high-level data protection framework for EU-US law enforcement cooperation.

Websites can store IP Addresses, rules EU Court
A website operator can store certain personal data relating to visitors of the site if it helps to identify the visitor and also to protect itself against cyber attacks, the EU's top court ruled on Thursday.

EU - U.S. Privacy Shield goes operational
From 1 August, companies can sign up to the Privacy Shield with the U.S. Department of Commerce who can verify their privacy policies comply with data protection standards required by the EU-U.S. agreement signed 12 July.

EU-US data transfer accord enters into force
The European Union approved Tuesday the EU-U.S. Privacy Shield, a special arrangement that replaces the former 'Safe Harbor' agreement to allow transfer of personal data from the EU to the United States.

EU Data Protection Regulation: Where do businesses need to take action now?
After a protracted negotiation and design phase, the EU General Data Protection Regulation (GDPR) was adopted by the European Parliament on 04/14/2016 and entered into force on 05/24/2016. After 20 years, data protection law is at a whole new level and particularly uniform for the European Union.

EU, US sign shared law enforcement data deal
The EU signed an 'umbrella' deal on protection of shared data with the United States Thursday, putting in place a comprehensive data protection framework for criminal law enforcement cooperation.

EU-US 'Privacy Shield' data deal needs improvement, say MEPs
The European Parliament urged the EU Commission Thursday to go on negotiating with the United States over the proposed 'Privacy Shield' protection for EU citizens’ data transferred to the US for commercial purposes.

MEPs back EU directive on use of Passenger Name Records
Airlines will have to hand national authorities passengers' data for all flights from third countries to the EU and vice versa under a directive regulating the use of Passenger Name Record data in the EU, approved by the European Parliament.

EU votes in new rules for personal data protection
Euro-MPs have given the green light to new EU data protection rules aiming to give citizens back control of their personal data and create a high, uniform level of data protection across the EU.