The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) met on Monday 5 November to discuss the General Data Protection Regulation, as proposed by the Commission.
Rapporteur Jan Albrecht MEP (Greens/EFA, Germany) opened the debate by stating that his goal was to finalise the reform of the EU’s data protection rules by the end of the current Parliament’s mandate. Furthermore, he has set the ambitious timetable of completing his draft report before the upcoming Christmas break, giving time to work with the Irish Presidency commencing in January and reaching agreement within LIBE by the end of April.
Ms Le Bail from the European Commission supported these goals and added that whilst it is ambitious, achieving a common approach to data protection by the end of the Irish Presidency is sorely needed. Resending to comments and questions regarding the administrative burden of the Commission’s proposals, Ms Le Bail noted that the Commission is happy to hear solutions and work with the Parliament and the Council on this issue. Accordingly, Ms Le Bail also welcomed the criteria presented by Mr Albrecht to assess the implementing and delegated acts, which have also been a source of some concern. However, she emphasised that these were included so as to preserve an element of flexibility and ensure that both the directive and the regulation were equipped to respond to new technologies.
A representative from the Cyprus Presidency noted the same concern as others about the number of delegated and implementing acts, and highlighted the Commission’s previous commitment to work towards reducing the volume of such acts included in the proposal. The data protection package is due for discussion at the ’Friends of the Presidency’ meeting on the 13 November, with a view to presenting the file at the COREPER/JHA Council on 6 and 7 December.
Finally, the Legal Service gave a brief presentation in which it highlighted two key elements of the proposals. Firstly, the relationship between the draft regulation and national laws was clarified. The margin of manoeuvre for national laws is, the Legal Service confirmed, greatly reduced in the current draft and whilst this can be partially alleviated by the inclusion of national implementing measures and derogations, these must not hamper the objectives of the regulation and must be clearly limited. The extension of specific rules in chapter nine, concerning further derogations, is in theory possible, but these should be consistent with the act and limited to sectors where such rules are necessary. Overall, the Legal Service concluded, a reconsideration of the legal form of the proposal (i.e. a directive instead of a regulation) might be considered, so as to leave room for national manoeuvre.
Secondly, the issue of delegated acts was addressed by the Legal Service, which noted that EU law and the case law of the Court allows for delegated acts only to amend and supplement non-essential provisions. Essential provisions are considered by the Court to be those that give concrete shape to the legislation and require political choices - these must be dealt with within the act itself. However, case law dictates that the distinction between essential and non-essential elements must be decided by the legislator.
The floor was opened up for questions and MEPs voiced support for the timetable set by the Rapporteur and noted the need to ’prod’ the Council so as to avoid delays. In particular, Sophia in’t Veld MEP (ALDE, Netherlands) highlighted the risk of the directive element of the package being watered down or eliminated altogether - the Parliament must ensure that both elements of the data protection rules are made as strong as possible and implemented uniformly, she said.
The plan is for the draft report to be distributed to members of the Committee before the Christmas break.
[EPHA Briefing] General Data Protection Regulation
ECJ test case ruling on data protection and health
Data protection and medical research: project findings suggest not enough is being done