Data protection: Council agrees on general principles and the "one stop shop" mechanism
The Council reached a partial general approach on specific issues of the draft regulation setting out a general EU framework for data protection, on the understanding that nothing is agreed until everything is agreed.
The partial general approach includes the chapters and the recitals concerning the "one stop shop" mechanism (chapters VI and VII) as well as the chapter and the recitals relating to the principles for protecting the personal data (chapter II).
In October and December 2013 the Council already expressed its support for the principle that, in important transnational cases, the regulation should establish a "one-stop-shop" mechanism in order to arrive at a single supervisory decision, which should be fast, ensure consistent application, provide legal certainty and reduce the administrative burden. This is an important factor to enhance the cost-efficiency of the data protection rules for international business, and so to contribute to the growth of the digital economy.
According to the text agreed, the one stop shop mechanism should only play a role in important cross-border cases and will provide for cooperation and joint-decision making between several data protection authorities concerned. The text clarifies that the jointly agreed decision will be adopted by the data protection authority best placed to deliver the most effective protection from the perspective of the data subject.
Regarding the general principles of data processing, Ministers have endorsed a set of principles for lawful, fair and transparent data processing. An emphasis has been put on processing of special categories of personal data. The text includes also measures for processing on the basis of consent.
The data protection legislative reform aims at creating a more rigorous and coherent data protection framework in the EU, backed by strong enforcement that will allow the digital economy to develop across the internal market, put individuals in control of their own data and provide for greater legal and practical certainty for economic operators and public authorities. Data protection in the European Union is a fundamental right. The EU data protection reform seeks to ensure a very high level of protection of personal data.