Skip to content. | Skip to navigation

Personal tools
Sections
You are here: Home topics Data protection in the EU
Document Actions

Data protection in the EU

Under EU law, personal data can only be gathered legally under strict conditions, for a legitimate purpose. Persons or organisations which collect and manage your personal information must protect it from misuse and must respect certain rights of the data owners which are guaranteed by EU law. Common EU rules have been established to ensure that people's personal data enjoys a high standard of protection everywhere in the EU. You have the right to complain and obtain redress if your data is misused anywhere within the EU. The EU's Data Protection Directive also foresees specific rules for the transfer of personal data outside the EU to ensure the best possible protection of your data when it is exported abroad.

General Data Protection Regulation - background guide
The data protection reform package which entered into force in May 2016 and will be applicable as of May 2018 includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.

Talks set to remove barriers to free flow of data in Europe
A draft proposal to allow non-personal data to move freely across borders, removing unjustified restrictions on the geographical location for storing and processing data, was agreed Wednesday by EU states.

Restrictions to Cross-Border Data Flows: a Taxonomy
Strict privacy regimes, requests to use local data centres and outright bans to transfer data abroad are a few examples of policies imposed recently that restrict data from crossing national or regional borders. This paper is the first one to propose a comprehensive taxonomy of these restrictions, which has a bearing on international trade law. Restrictions on cross-border data flows may affect countries’ legal commitments under various trade agreements, including the General Agreement on Trade in Services (GATS). This taxonomy can be the basis of further legal and economic research to assess the legitimacy and necessity of these under international trade law.

Privacy activist can sue Facebook, but no class action: EU Court
Austrian privacy activist Maximilian Schrems can sue Facebook Ireland before the Austrian Courts with respect to the private use of his Facebook account, an EU Court advisor said Wednesday.

EU-US Privacy Shield review finds room for improvement
The EU- U.S. Privacy Shield is doing a good job in protecting the personal EU personal data but there is some room for improving its implementation, the Commission says in its first annual review.

Annual Review of the EU-U.S. Privacy Shield
The European Commission published on 18 October its first annual report on the functioning of the EU- U.S. Privacy Shield, the aim of which is to protect the personal data of anyone in the EU transferred to companies in the U.S. for commercial purposes.

EU targets end to data localisation
The EU Commission proposed a framework for the free flow of non-personal data Tuesday, highlighting the removal of data localisation restrictions as key to unlocking the potential of Europe's data economy.

Data protection reform package
The EU data protection reform package entered into force in May 2016 and will be applicable as of May 2018. It includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.

Euro-MPs address new online privacy rules
A European Parliament committee is working on new privacy rules which would take account of new practices such as internet-based messaging and allow users better control of their privacy settings.

Exchanging and Protecting Personal Data in a Globalised World
The European Commission is proposing new legislation to ensure stronger privacy in electronic communications, while opening up new business opportunities.

Skype, WhatsApp face tighter EU e-Privacy laws
Services such as Skype and WhatsApp would need to respect similar e-Privacy rules to those for traditional phone and text messaging services under plans to update EU data privacy rules unveiled Tuesday.

Euro-MPs greenlight EU-US data protection agreement
The European Parliament gave the green light Thursday to the EU-US 'Umbrella Agreement' on the protection of personal data exchanged across the Atlantic for the purposes of law enforcement.

EU-U.S. Data Protection "Umbrella Agreement" - questions & answers
The EU-US data protection "Umbrella Agreement", given the green light by the European Parliament on 1 December, puts in place a comprehensive high-level data protection framework for EU-US law enforcement cooperation.

Websites can store IP Addresses, rules EU Court
A website operator can store certain personal data relating to visitors of the site if it helps to identify the visitor and also to protect itself against cyber attacks, the EU's top court ruled on Thursday.

EU - U.S. Privacy Shield goes operational
From 1 August, companies can sign up to the Privacy Shield with the U.S. Department of Commerce who can verify their privacy policies comply with data protection standards required by the EU-U.S. agreement signed 12 July.

EU-US data transfer accord enters into force
The European Union approved Tuesday the EU-U.S. Privacy Shield, a special arrangement that replaces the former 'Safe Harbor' agreement to allow transfer of personal data from the EU to the United States.

EU Data Protection Regulation: Where do businesses need to take action now?
After a protracted negotiation and design phase, the EU General Data Protection Regulation (GDPR) was adopted by the European Parliament on 04/14/2016 and entered into force on 05/24/2016. After 20 years, data protection law is at a whole new level and particularly uniform for the European Union.

EU, US sign shared law enforcement data deal
The EU signed an 'umbrella' deal on protection of shared data with the United States Thursday, putting in place a comprehensive data protection framework for criminal law enforcement cooperation.

EU-US 'Privacy Shield' data deal needs improvement, say MEPs
The European Parliament urged the EU Commission Thursday to go on negotiating with the United States over the proposed 'Privacy Shield' protection for EU citizens’ data transferred to the US for commercial purposes.

MEPs back EU directive on use of Passenger Name Records
Airlines will have to hand national authorities passengers' data for all flights from third countries to the EU and vice versa under a directive regulating the use of Passenger Name Record data in the EU, approved by the European Parliament.

EU votes in new rules for personal data protection
Euro-MPs have given the green light to new EU data protection rules aiming to give citizens back control of their personal data and create a high, uniform level of data protection across the EU.

EU set to strengthen data protection rules
The EU is set to give the final nod to a legislative package on reform of its data protection rules, following first reading adoption by the Council.

EU-U.S. Privacy Shield legal texts
The European Commission issued on 29 February the legal texts that will put in place the EU-U.S. Privacy Shield as well as a Communication summarising action taken to restore trust in transatlantic data flows since the 2013 surveillance revelations.

EU-US Privacy Shield
The European Commission and the United States agreed on 3 February a new framework for transatlantic data flows: the EU-US Privacy Shield.

EU data protection reform to boost the Digital Single Market
The European Commission, Parliament and Council agreed in final negotiations between the three institutions on 15 December EU Data Protection Reform first put forward by the Commission in 2012, with the aim of making Europe 'fit for the digital age'.