New General Data Protection Regulation
On April 14, 2016, the EU adopted the new Data Protection Directive, officially known as Directive 95/46/EC. This directive was created to regulate the progression of personal data within the EU. It involves the rights of individuals related to this matter and the obligations of the managers and controllers of data sets.
This new directive introduces a new perspective on data protection and is different to privacy law, which is considered a human right. Data protection is not recognized within international treaties and for that reason, Directive 95/46/EC individualizes and distinguishes between privacy law (art. 7) and data protection (art. 8).
The new Data Protection Directive replaces the current European data protection rules consisting of the 1995 Data Protection Directive and 28 national data protection laws. This new directive will be directly applicable to all EU member states without the need for national implementing legislation.
This directive will be applied to companies and public entities established in any member country of the EU and companies not established in the EU, but that offer goods and services in any EU country.
In this regard, National data protection authorities, as well as European privacy bodies, will issue guidelines and opinions in the next few months to assist organizations in implementing the changes.
The new directive shows the EU considers privacy and data protection highly important in the globalized world.