D/EU: Hustinx for new EU Data Protection Directive

The European Data Protection Supervisor (EDPS), Peter Hustinx, recently announced in a statement that a new EU Data Protection Directive, preferably an order, is required. With this, Hustinx once again made reference to his 2007 statement that a reform of the EU Data Protection Directive is required urgently.

The current EU Directive 95/46/EG has not met current requirements for some time, as it was not possible to consider many aspects when it was created because the technology concerned was not yet in extensive use at that time, such as e.g. the Internet. The EDPS deduces from this that, after its revision, the directive must describe in a technologically neutral manner which measures are to be implemented so that the new version of the EU Data Protection Directive strengthens legal security in the field of data protection in the long term.

In addition, Hustinx demands in his statement that the current directives be adapted quickly and precisely to the existing circumstances. One of the main requests is that data protection should foster trust and support other public interests. This should be implemented through strict regulations.

An additional request is that the existing laws in the individual EU member states must be adapted to the new regulations and the scope that has been available up to now must be limited in such a way that European data protection can be harmonized completely. He therefore believes that a data protection order, which has immediate legal effect, may be more targeted than a directive, which can be implemented differently in the member states. The EDPS is supported by the work of his predecessor and by Working Party 29 (WP29).

The revision of the directive is due to take place this year. One can hope that the amendment to the European Data Protection Directive contributes to the transparency of data protection in the EU and makes it easier to know which data protection law applies, particularly for businesses that operate internationally. In addition, it would certainly be desirable if the old regulations were revised in such a way that companies could benefit from using modern technology, such as cloud services, without reaching the current limits of data protection legislation.