This post was also written by Nick Tyler.
As reported in our January blog on the day of its release, the European Commission has now published a draft General Data Protection Regulation (the “Regulation”) and has sent it to the European Parliament, along with a new draft Directive aimed at protecting personal data in relation to criminal investigations and judicial proceedings, including across borders.
The European Commission’s stated goal is to have parliamentary approval of the Regulation by the end of 2012. Despite some areas of uncertainty and the strong potential for continued disharmony, as well as the inevitable changes that will result from the legislative process, the Regulation provides enough detail in relation to the accountability principle and the increased self-regulatory regime for organisations to start preparing for implementation within the next three years.
For a detailed analysis, please click here to read the issued Client Alert.