recent work

‘Consumers must be more empowered than they are today’

Explicit consent will have to be obtained by companies that wish to process the personal data of others, under new EU data protection laws, says Viviana Reding, EU Justice Commissioner.

 Including this, individuals will be able to force organisations to delete the personal information held about them. Changes to the law are expected by February 2012.

Reding says:

“In modernising the EU’s data protection rules, we believe that consumers must be more empowered than they are today,” the statement said.

“Users should be in control of their data. This is why in our view, EU law should require that consumers give their explicit consent before their data are used. And consumers generally should have the right to delete their data at any time, especially the data they post on the Internet themselves. We will work closely together to make sure that the modernisation of the EU’s data protection rules addresses these issues and that the EU’s data privacy principles are turned into a reality for consumers and businesses everywhere in Europe,” Reding said.

In her statement Reding also said that the revised data protection laws should apply to companies with EU consumers that store personal data in ‘the cloud’.

“Consumers in Europe should see their data strongly protected, regardless of the EU country they live in and regardless of the country in which companies, which process their personal data, are established,” Reding said.

“We both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market. This also applies to social networks with users in the EU. We have to make sure that they comply with EU law and that EU law is enforced, even if it is based in a third country and even if its data are stored in a ‘cloud’,” she said.