At the beginning of 2012, the European Commission presented a proposal for a new data protection regulation that, if it will be adopted, will replace the current Data Protection Act.
Sören Öman is the director for Stockholm Centre for Commercial Law at the University of Stockholm and vice-chairman of the Swedish National Labour Court. He is an expert in personal data legislation, and contributed to the implementation of the current EC Data Protection Directive by establishing the Swedish Data Protection Act in 1998.
What is new in the proposed regulation?
The proposal contains many news. A registered will in some cases be able to ask the publisher of personal data to delete the data and make all reasonable efforts to inform outsiders about this. Another new thing is the right to transfer personal data from social media sites, for example.
Which are the implications of a regulation?
An EU regulation is directly applicable throughout the EU, while an EU directive must be implemented in the legislations in respective member states and gives more flexibility to make adjustments in the implementation phase. The Commission has the power to make all clarifications to the current proposal. This is why the Swedish parliament is skeptical about the proposal.
What happens next?
The proposal is now being negotiated. Thousands of amendments have already been put forward. It will take a long time to reach an agreement. It took five years for the current directive to be adopted. According to the current proposal, the new regulation shall apply two years after its adoption.