The European Commission will review instruments used by the EU and member states for personal data collection and use.
The commission said it would evaluate all instruments included in a new overview of the rules, governing gathering of personal data for law enforcement purposes and for citizen migration.
It plans to consider the value of potential future measures, such as an annual reporting obligation and sunset clauses, which would set a time limit on legislation.
Also included in the body's overview is a set of core principles that will form the basis for the future evaluation of data management instruments.
These principles cover areas such as accurate risk management and fundamental rights, the latter of which the commission said will be a major deciding factor when it develops new proposals on personal data processing.
Cecilia Malmstrom, EU commissioner for home affairs, said citizens should know what is happening to their data and where it is being transmitted.
"I want to ensure that all of these instruments are proportionate, that they respect the fundamental rights," Malmstrom said during a press conference in Brussels yesterday.
She added the overview has provided "an opportunity to establish a set of principles for how our policy should develop in this area."
The reaction to the overview in the UK will be interesting. The commission recently asked the country to show what measures it will be taking to ensure its laws match up with the EU's Data Protection Directive.
Commenting on the commission's request, a spokesperson from the Ministry of Justice said: "We are firmly committed to protecting UK citizens' privacy and data. We are considering the commission's letter and will respond in due course."
Jim Killock, executive director of the Open Rights Group, claimed there was a disconnect between EU data protection provisions and those in the UK.
"The EU clearly has higher data protection standards than the UK has implemented, but we have a clear chance now to change that," he told IT PRO.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Forcing Apple to allow alternative app stores might cause major security risksAnalysis Apple will be forced to allow third-party marketplaces on its devices, but some experts have raised serious security concerns
-
Why bolstering your security capabilities is critical ahead of NIS2NIS2 regulations will bolster cyber resilience in key industries as well as improving multi-agency responses to data breaches
-
New EU vulnerability disclosure rules deemed an "unnecessary risk"News The vulnerability disclosure rules in the Cyber Resilience Act could also cause a “chilling effect” on security researchers
-
Are you ready for NIS2?WEBINAR Find out what you should be doing to prepare for the EU’s latest data protection regulation and UK equivalent with our free webinar
-
EU regulators are digging their heels in despite big tech’s Data Act pushbackAnalysis EU regulators are no strangers to big tech regulatory push back, so why do companies still persist?
-
Microsoft's EU Data Boundary will begin staggered rollout in January 2023News Public sector and commercial customers will be the first to benefit when the rollout begins on 1 January across all of Microsoft's core services
-
India’s new data protection bill continues to “facilitate state surveillance”News Although data localisation requirements have now been removed, it’s down to the Indian government to select which countries data is allowed to be sent to
-
EU watchdog fights against rules permitting Europol's ‘unlawful’ data practicesNews The pushback follows allegations that Europol was allowed to write its own rules when it came to handling sensitive data
