After four years of intensive work, the European Parliament adopted the new Regulation on the protection of personal data on 14 April 2016. The parliamentarians wanted the regulation to be "future-proof", in particular by being neutral in terms of technologies and adapted to Big Data, in order to be applicable to future innovations.
The regulation will apply in all EU member states from 25 May 2018, giving member states two years to implement it.
The European supervisory authorities (in particular the CNIL) and the G29 are committed to helping companies comply with the new principles.
Among other things, the regulations make it possible to:
- Strengthening existing rights
- Clear, accessible and comprehensible data processing for data subjects
- The right to information in the event of a data breach or disclosure
- Reinforcing the right to be forgotten
- A new right to data portability
- Simplified formalities for businesses
- A unified legal framework
- An increase in administrative penalties to 4% of worldwide turnover
The regulation will also encourage the use of privacy-enhancing techniques, such as pseudonymisation, anonymisation, encryption and data protection by design.