European data protection reform: the facts

European data protection reform:  the facts

How to protect data and passwordsFor those of us working in privacy and data protection you would have had to have been living in a cave for the last few years not to know that changes are on the horizon. However, there is a lot of misinformation out there about what’s happening and when. Articles frequently appear reporting on new changes and stating as fact things that are definitely not.

The truth is...

The truth is that the draft Regulation is still being negotiated, there is some way to go, and there is little you can do to prepare right now, as we don’t know what it will say on the key points. There is some direction of travel that we can identify, but on the issues that may be of most importance to companies there is a lot of disagreement between the Parliament and the Council, who need to agree a version for it to become law.

If you are not familiar with the EU legislative process, then I recommend the latest blog from the ICO on the topic, which explains very concisely and clearly what has happened to date, what is happening now, and what has to happen next.

What is likely to change?

In terms of what might change in some way, there are some key areas like consent, legitimate interests condition for processing and profiling where the wording is

Subscription Form

Related Articles:
Latest Articles:

Already a subscriber? Login
RELX (UK) Limited, trading as LexisNexis, and our LexisNexis Legal & Professional group companies will contact you to confirm your email address. You can manage your communication preferences via our Preference Centre. You can learn more about how we handle your personal data and your rights by reviewing our  Privacy Policy.

Access this article and thousands of others like it free by subscribing to our blog.

Read full article

Already a subscriber? Login

About the author:
Emma Butler is currently Senior Director Privacy and Data Protection for Reed Elsevier as part of their Data Protection and Privacy Group. Her focus is primarily on the European LexisNexis businesses. She is also the Data Protection Officer for LexisNexis UK.


Emma previously spent seven years leading the international policy team at the Information Commissioner’s Office (ICO) where she worked with other regulators and the Article 29 Working Party as well as advising businesses and government entities on UK, EU and international data protection and privacy legislation.

She has a degree in French, Italian and linguistics and recently completed an LLM in Information Rights Law and Practice. She has an ISEB certificate in data protection and is an active member of the International Association of Privacy Professionals.