The Justice and Home Affairs Council reached a partial general approach with regards to a general EU framework for data protection. Specific issues mentioned in the draft regulation were addressed adopting the understanding that nothing is agreed until everything is agreed. This applies to important transnational cases, where the partial general approach includes the chapters and recitals related to the setting up of a "one stop shop" mechanism (chapters VI and VII) in support of the underlying principles for protecting personal data (chapter II).
The Council had already expressed its support for such a mechanism back in October and December of 2013, when it stated that a one stop shop mechanism established for high priority transnational cases would facilitate the arrival to a single and final supervisory decision. It would render the process more efficient, ensure consistent application, secure legal certainty as well as minimise administrative burden. The last factor in particular, is essential in enhancing the cost-efficiency of data protection rules for international business, thus contributing to the imminent growth of the digital economy.
The one stop shop mechanism would facilitate cooperation and joint decision making between various data protection entities concerned in important cross-border cases and is to be applied only in such circumstances. In addition, the text elaborates on the fact that the jointly agreed decision may only be adopted by the authority that is in the data subject's perspective, recognised to be best placed in securing the best protection.
Ministers have endorsed a set of general principles related to lawfulness, fairness and transparency in data processing, particularly the processing of personal data falling under special categories. The text also extends to measures for processing on the basis of consent.
The concept of a one stop shop mechanism can be considered as a practical measure in relation to the legislative reform's aims of creating a more rigorous and coherent data protection framework within the EU. Its importance is further underlined through the fact that data protection is considered to be a fundamental right in the EU. Alongside a strong enforcement, this legislative reform will allow for the development of the digital economy across the internal market, increase individuals' control over their data and establish clearer legal parameters for economic operators and public authorities.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
