"Tomorrow, 28 January marks European Data Protection Day. Personal data protection is a fundamental right in the European Union; it is part of the European DNA and deserves the highest protection standards.
2016 was a historical year for data protection in the EU. We agreed on a data protection reform that will help stimulate the Digital Single Market in the EU by fostering consumer trust in online services and by providing legal certainty for businesses based on clear and uniform rules. We are now working to ensure that the rules work in practice.
Strong data protection rules are the basis for the Digital Single Market to prosper. They are the foundations on which we can ensure the free flow of data across borders. Where people trust that their personal data is protected, they are more likely to use services and new technologies. Just two weeks ago, the Commission proposed revised legislation to better ensure a high level of privacy in electronic communications. The updated ePrivacy rules protect consumers' communications content and metadata regardless of the services used, while opening up new opportunities for business. We now call on the European Parliament and the Council to ensure smooth adoption of our proposal.
The digital economy is global, and when Europeans' personal data are transferred abroad, the protection travels with it. In August last year, we launched the EU-U.S. Privacy Shield to better protect personal data transferred across the Atlantic, while ensuring legal certainty for businesses. Now, over 1700 companies have signed up to the Privacy Shield, with 700 further applications in the pipeline. We will continue to promote our data protection values at international level. This is why we will actively engage with key partners, such as Japan and South Korea, to reach adequacy decisions.
As criminals know no borders, also data exchanges between police and judicial authorities across Europe and with our international partners must be underpinned by strong data protection standards. Inside the EU, the new Police Directive will facilitate exchanges to prevent cross-border crime and guarantee that personal data is protected. At the international level, the EU-U.S. Umbrella Agreement that will enter into force on 1 February 2017 will guarantee a high level of protection for EU citizens' personal data when transferred to U.S. judicial and police authorities. All EU citizens will also have the right to enforce their data protection rights in U.S. courts.
In 2017, we will build on the important achievements to ensure that citizens and businesses benefit from strong and clear data protection rules. We want to make the EU data protection standard a global standard."
Every year on 28 January, the European Commission celebrates European Data Protection day.
The reform of data protection rules was finalised in April 2016 (statement) and the new rules will apply as of May 2018. For details on what businesses need to do by May 2018, see our animated infographic for SMEs: Protect personal data, protect your business (For all language versions please see here).
The EU – U.S. Privacy Shield was adopted on 12 July 2016 (press release) and became fully operational on 1 August 2016 (see Daily news). For more information, see also the Guide for citizens and the factsheet on the EU-US Privacy Shield.
The Umbrella Agreement was signed on 2 June 2016 (see statement) and it will enter into force on 1 February 2017.
The draft ePrivacy Regulation and the Regulation on the protection of personal data by European institutions and bodies were adopted by the Commission on 10 January 2017 (press release), together with a Communication on the strategic approach to international personal data transfers, and a Communication on giving a boost to the data economy.
For more information on the new data protection rules, see factsheets:
For further information