In January, 2012, the EU legislative bodies proposed an updated and more harmonized data protection law to replace the existing EU Data Protection Directive 95/46/EC. That Directive - part of the EU Privacy and Human Rights Law - was created to regulate the processing of personal data within the European Union. While still a work in progress, the new General Data Protection Regulation is now expected to be adopted at the end of 2015 or early 2016.

The new data protection law will apply to all 27 European member states and will significantly change the landscape of EU privacy and data protection in several key areas, including:

  • greater control over personal information for individuals, including the right to "data portability," and the "right to be forgotten";
  • stricter requirements for obtaining consent to collect and store personal data;
  • new restrictions on tracking and targeted advertising;
  • new rules for police and criminal justice authorities that exchange data across EU state borders;
  • stricter data breach reporting obligations (for example, that breaches must be reported to regulators within 24 hours); and
  • substantial new penalties for data privacy violations (the greater of €100 million, or 2 - 5% of a company's annual worldwide revenue).

www.fkks.com

This alert provides general coverage of its subject area. We provide it with the understanding that Frankfurt Kurnit Klein & Selz is not engaged herein in rendering legal advice, and shall not be liable for any damages resulting from any error, inaccuracy, or omission. Our attorneys practice law only in jurisdictions in which they are properly authorized to do so. We do not seek to represent clients in other jurisdictions.