Published on 

Minister Murphy hails new era for data protection in Europe as new EU-wide rules adopted

Minister for European Affairs and Data Protection, Dara Murphy T.D. has welcomed the formal adoption by the European Parliament today of new EU-wide rules on the protection of personal data. The new rules will update Europe’s existing laws for the digital age and are designed to strengthen the protection of individuals’ personal data, while providing for the lawful and safe use of data for the benefit of individuals themselves, society and the economy.
The new rules were formally approved by Member State governments last Friday, following a compromise agreed with the European Parliament in December, and after four years of negotiations.
Speaking after the European Parliament formally backed the new rules at its plenary session in Strasbourg today, Minister Murphy said:
“Ireland has been to the forefront in negotiations on new EU-wide data protection rules, and with today’s approval by the European Parliament, we’ve cleared the final hurdle. We now have certainty about a modern, robust and uniform data protection regime that will apply throughout the European Union from 2018, which is very significant.”
“The protection of our personal data is a fundamental right laid down in the Charter of Fundamental Rights of the EU and in the treaties. It concerns the personal data held about us by organisations and is ultimately about our privacy and aspects of our identity.”
“The positive and safe use of data offers a wealth of opportunities for individuals, for society, for job creation and for the economy. However, in order to benefit we do need to be alive to the many complex issues that can arise with data, and specifically personal data.”
“I believe we have struck a good balance with these new rules, with strong protections for individuals’ personal data, based on the key principles of data protection. These are combined with clear, and in many cases, risk-based, obligations for organisations, including a requirement for mandatory notification of data breaches; a “One Stop Shop” for citizens and businesses in terms of dealing with only one lead regulator in the EU, such as the Office of the Data Protection Commissioner in Ireland; and a sanctions regime for cases of serious data breaches.”
“The new data protection rules are good for individuals and for businesses and other organisations alike. I would encourage organisations, public and private, that handle personal data to now take advantage of the two year lead-in period to familiarise themselves with and prepare to meet their obligations under the new rules.”
The text of the new EU General Data Protection Regulation is due to be published in the Official Journal of the EU shortly, following which it will enter into force after a period of two years.