Navigation path

Left navigation

Additional tools

Other available languages: none

European Commission


Brussels, 19 March 2013

EU Data Protection: European Parliament's legal affairs committee backs uniform data protection rules

The European Commission today welcomed the adoption of an opinion by the European Parliament’s Legal Affairs Committee (JURI) on the Commission’s proposal for a Data Protection Regulation reforming the EU’s data protection rules that date back to 1995 (see IP/12/46 and IP/13/57). The opinion on the proposed Data Protection Regulation, drafted by MEP Marielle Gallo keeps up the momentum that is building towards the rapid adoption of new EU data protection rules. The JURI committee also voted on rapporteur Axel Voss' opinion on the Data Protection Directive for the law enforcement sector. The opinions voted today will be submitted to the Civil Liberties, Justice and Home Affairs Committee (LIBE), which will vote on its own reports in spring 2013.

"Today’s votes by the European Parliament’s Legal Affairs Committee take us another step towards the swift adoption of a modern data protection reform in Europe,” said Vice-President Viviane Reding, the EU's Justice Commissioner. "I thank the JURI Committee and, in particular rapporteurs, MEPs Marielle Gallo and Axel Voss, for their effective work. All the elements are falling into place to make decisive political progress on this critical dossier in the months to come. What we need for Europe is a deal that is good for citizens and that is good for business

"The data protection reform will also enhance trust among law enforcement authorities by facilitating exchanges of data to fight serious crime, while ensuring a high level of protection for citizens,” Vice-President Reding added.

The JURI Committee backed the architecture and the main fundamentals of the Commission's data protection reform:

  • The need to replace the current 1995 Data Protection Directive with a directly applicable Regulation that covers the processing of personal data. A single set of rules on data protection, valid across the EU will remove unnecessary administrative requirements for companies and can save businesses around €2.3 billion a year.

  • The need to maintain a broad definition of "personal data". This is in line with the current 1995 Directive. This is also in line with the case law of the Court of Justice which ruled, for example, that IP addresses are personal data (the SABAM case). At the last Justice Council in March Vice-President Reding made clear that narrowing this definition would mean that some data protected in the past would no longer be covered in the future – which is not an outcome the Commission would be prepared to accept. (see SPEECH/13/209).

  • The need to give ‘explicit consent’ as one of the legitimate grounds for processing data. The current Directive states since 1995 that consent has to be ‘unambiguous’. The Commission's proposal foresees that if and when consent is used as a ground for processing, then it has to be a real and valid consent: it cannot be presumed that when a person remains silent or does not act, this means consent. As Vice-President Reding explained in a recent speech (see SPEECH/13/197), consent is only one of several bases which make the processing of personal data lawful. Therefore, in practice, businesses do not need to worry about having to adapt existing business models.

  • The need to have a "one-stop shop" for companies that operate in several EU countries. The Commission's proposal cuts red tape by introducing a one-stop shop for businesses to deal with regulators. In the future, companies will only have to deal with the data protection authorities in the EU country in which they have their main establishment: one interlocutor, not 27 (or more).

  • The scope of the Data Protection Law Enforcement Directive. A new Directive will apply general data protection principles and rules to police and judicial authorities in criminal matters. These rules will apply to both domestic processing and cross-border transfers of data and enhance trust between law enforcement authorities.

Next steps: Following the JURI Committee’s vote, the LIBE Committee (which is the lead Committee) will then vote on its own reports on both proposals in spring 2013.

The European Commission will continue to work very closely with the European Parliament and with the Council to support the co-legislators in their endeavour to complete negotiations within the mandate of the current Parliament. Ministers discussed the proposed data protection rules at the Justice Council on 8 March, where Vice-President Reding highlighted the need to maintain momentum in the legislative process (SPEECH/13/209).


Today's votes in the JURI Committee follow the publication of the draft reports on the reform of the EU's data protection rules by the LIBE Committee’s rapporteurs on 10 January 2013 (MEMO/13/4) and the votes in the ITRE (MEMO/13/124), EMPL and IMCO Committees. . In the digital age, the collection and storage of personal information are essential. Personal data is used by all businesses – from insurance firms and banks to social media sites and search engines. In a globalised world, the transfer of data to third countries has become an important factor in daily life. There are no borders online and cloud computing means data may be sent from Berlin to be processed in Boston and stored in Bangalore.

Today, 72% of Internet users are worried that they give away too much personal data. They feel they are not in complete control of their data. Fading trust in online services and tools holds back the growth of the digital economy and Europe's digital single market.

To address these concerns, the European Commission proposed, on 25 January 2012, a comprehensive reform of the EU's 1995 data protection rules to strengthen online privacy rights and boost Europe's digital economy. The Commission's proposals update and modernise the principles enshrined in the 1995 Data Protection Directive to bring them into the digital age. They include a proposal for a Regulation setting out a general EU framework for data protection and a proposal for a Directive on protecting personal data processed for the purposes of prevention, detection, investigation or prosecution of criminal offences and related judicial activities (IP/12/46, MEMO/12/41 and IP/13/57).

For more information

Homepage of Vice-President Viviane Reding, EU Justice Commissioner:

MEP Jan-Philipp Albrecht's report on the Data Protection Regulation:

MEP Dimitrios Droutsas' report on the Data Protection Directive:

Press pack: data protection reform:

European Commission – data protection:

Justice Directorate General Newsroom:

Follow the Vice-President on Twitter:


Side Bar