NEWS22 October 2013
All MRS websites use cookies to help us improve our services. Any data collected is anonymised. If you continue using this site without accepting cookies you may experience some performance issues. Read about our cookies here.
NEWS22 October 2013
BELGIUM — The European Parliament Civil Liberties Committee last night voted in favour of tougher new data protection rules in Europe, including a “right to erasure” of data, and fines of up to €100m for breaches of the rules.
According to the Civil Liberties Committee, “any person would have the right to have their personal data erased if he/she requests it. To strengthen this right, if a person asks a ‘data controller’ (e.g. an internet company) to erase his/her data, the firm should also forward the request to others where the data are replicated”.
EU Justice Commissioner Viviane Reding has previously called for citizens to be granted the right to delete their data at any time, “especially the data they post on the internet themselves”.
The Civil Liberties Committee said the “right to erasure” would cover this “right to be forgotten”.
In addition to the tougher fines, MEPs also voted for limits to profiling, described as “a practice used to analyse or predict a person’s performance at work, economic situation, location, health or behaviour”.
“Profiling would only be allowed subject to a person’s consent, when provided by law or when needed to pursue a contract,” according to a statement. “Furthermore, such a practice should not lead to discrimination or be based only on automated processing. Any person should have the right to object to any profiling measure.”
Data transfer rules to non-EU countries were also voted on. According to the adopted text, “if a third country requests a company to disclose personal information processed in the EU, the firm would have to seek authorisation from the national data protection authority before transferring any data. The company would also have to inform the person of such a request”.
On the subject of explicit consent for data processing, the committee said: “Where processing is based on consent, an organisation or company could process personal information only after obtaining clear permission from the data subject, who could withdraw his/her consent at any time. A person’s consent means any freely given, specific, informed and explicit indication of his/her wishes, either by a statement or by a clear affirmative action.
“Civil Liberties Committee MEPs clarify that the execution of a contract or the provision of a service cannot be made conditional upon consent to processing personal data that is not strictly needed for the completion of that contract or service. Withdrawing consent must be as easy as giving it.”
The committee’s vote paves the way for the European Parliament to start negotiations with national governments in the European Council. According to the committee: “Inter-institutional talks will start as soon as the Council agrees on its own negotiating position… Parliament aims to reach an agreement on this major legislative reform before the May 2014 European elections.”
0 Comments