"New EU-wide data protection standards have been adopted by the EU last year. Their success depends not only on Member States adapting national laws to the new rules, but also on the knowledge of citizens of their new rights, and on businesses in the EU to be ready once the new rules enter into force.
We have one year to work with all Member States and to engage with companies to make this happen. This work should be stepped up and reinforced to ensure harmonisation and avoid fragmentation in the implementation. Within the year we will also launch an EU-wide campaign to raise awareness so that Europeans are conscious of their rights.
A year from now, the European Union will start benefiting from the new data protection standards. As of May 2018, the new rules of the General Data Protection Regulation will enter into application and give a strong basis for the Digital Single Market to flourish.
The new rules will protect the EU citizens' fundamental right to personal data protection. Everyone will benefit from new and clarified rights. For instance, you will have the right to know as soon as possible if your data has been hacked or disclosed. It will also be easier for citizens to complain and obtain compensation if they think their rights are not respected. No matter where your data is stored, you only need to contact your closest data protection authority. With sanctions of up to 4 percent of annual turnover, authorities will also be in a position to enforce the new rules.
Businesses will benefit from more legal certainty, with a single set of rules across the EU. Companies will only have to deal with one single supervisory authority – rather than 28 now. This will not only make things simpler, but also cheaper. SMEs benefit from exemptions to ensure that the rules are adapted to the needs and capacity of smaller firms. More generally, the data economy can enable business growth, modernise public services and empower citizens.
The data economy supports growth, helps modernise public services and empower citizens. As non-personal data do not fall under the Data Protection Regulation, the free movement of such data can be limited at national or regional level. The Commission will come up with legislative proposal to guarantee the free flow of data later in 2017 and another proposal promoting accessibility and reuse of public data.
In 2018, Europe's high data protection standards will finally become a reality. It is crucial that we make them work in practice."
The data protection reform package entered into force in May 2016 and will be applicable as of May 2018. It includes the General Data Protection Regulation and the Data Protection Directive for the police and criminal justice sector.
For further information:
Questions and Answers - Data protection reform package
Question and Answers - Mid-term review of the 2015 Digital Single Market strategy