The European Parliament and Council have reached agreement on the data protection reform proposed by the Commission. The reform is an essential step to strengthen citizens' fundamental rights in the digital age and facilitate business by simplifying rules for companies in the Digital Single Market.
The data protection reform package includes the General Data Protection Regulation ("Regulation") and the Data Protection Directive for the police and criminal justice sector.
The changes will give people more control over their personal data and make it easier to access it. They are designed to make sure that people's personal information is protected – no matter where it is sent, processed or stored – even outside the EU, as may often be the case on the internet.
The four key areas of data protection and privacy management:
1. permission (the consent requested and granted for data use),
2. personal (the use of digital identifiers to personalize content and services),
3. preparation (the standard to which data needs to be held in order to be effective and how this is recognized by consumers) and
4. protection (the effort made by companies to keep sensitive data secure and the expectation of individuals that this will happen).