Data protection essential to digital economy, say EU leaders

New EU laws on data protection and cybersecurity to be agreed to next year

European Union leaders have given themselves room for maneuver in implementing new data protection laws, while pledging to introduce them in a timely fashion.

All 28 leaders of the E.U. member states discussed issues of data protection, mass surveillance and the digital economy at a meeting that continued late into the night on Thursday.

They agreed that there is a strong need for an improved, robust digital economy in Europe and that artificial barriers between member states must be removed to create the so-called "digital single market."

However, the meeting was dragged out with discussion on the subject of alleged illegal snooping by the U.S. National Security Agency, among others. Allegations that the NSA hacked German Chancellor Angela Merkel's mobile phone gave impetus to this debate.

Also on the agenda was the overhaul of Europe's data protection laws, although these would not have had any impact on any alleged spying. The new data protection regulation got the thumbs-up in a key committee vote in the European Parliament on Monday and negotiations with the E.U. member states were expected to begin soon.

Early leaked drafts of the council conclusions indicated that the leaders would agree on the new data protection laws in early 2014; this was then amended to "by 2015," giving the leaders some extra months to finalize the text.

Part of the council conclusions reads: "It is important to foster the trust of citizens and businesses in the digital economy. The timely adoption of a strong E.U. General Data Protection framework and the Cyber-security Directive is essential for the completion of the Digital Single Market by 2015."

Despite media reports that this was a significant alteration in timeframe, members of the European Parliament and the European Commission who must also approve the regulation said that this was not a significant change.

The Commission's Digital Agenda spokesman Ryan Heath said on Friday: "This gives a good push for 2014. We want to see the European Parliament vote before the Parliament elections in May and then to wrap up between the Commission, the Council and the Parliament in rest of 2014."

"We stressed that we have to speed up the work, but it is a complex task. It's not only related to the already difficult issues of protecting privacy, but it is also an impact on business," said E.U. President Herman Van Rompuy.

British Prime Minister David Cameron argued for removing a date altogether, according to sources familiar with the proceedings. The U.K. is concerned that the regulation will have a negative effect on businesses. He did not comment on the council meeting outcome, leaving on Friday without speaking to the press.

The text of the regulation that was approved by the parliamentary committee this week includes a "right to erasure" clause that would limit Internet companies' access to users' private data, with fines for those who break the rules.

The conclusions were welcomed by politicians and businesses alike. Jan Philipp Albrecht, the member of the European Parliament charged with seeing the regulation through, said he was happy that the importance of the regulation had been stressed. "Now it is up to the ministers to do their homework and get this negotiated soon," he said.

Meanwhile Liam Benham, IBM Europe vice president, said in an email on Friday: "We welcome the decision by EU leaders to prioritise quality over speed in their discussion on the data protection regulation." But he added: "The current proposal contains major defects that not only would undermine Europe's competitiveness, but would also fail to deliver the sort of online privacy we all want to see."

Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to

Join the CSO newsletter!

Error: Please check your email address.

Tags european unionsecuritydata protectionlegislationgovernment

More about EUEuropean CommissionEuropean ParliamentIBM AustraliaNational Security AgencyNSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jennifer Baker

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place