The European Commission [official website] on Tuesday reached an agreement [press release] on data protection regulations concerning how digital information is to be collected and managed across the EU. The EU Data Protection Reform [legislative materials] was initiated in 2012 and was approved following final negotiations by both the European Parliament and the Council. The reform was in response to calls from over 90 percent of Europeans for “the same data protection rights across the EU.” The so-called Digital Single Market [backgrounder] seeks to enable people to better control their personal data and is expected to result in decreased costs to businesses. As part of the European Agenda on Security [text, PDF] the reform also seeks to ensure that the data of victims, witnesses, and suspects of crimes, are duly protected, and to facilitate cross-border cooperation of police or prosecutors to combat crime and terrorism more effectively across Europe. The final text of the regulations will be formally adopted by the European Parliament and Council at the beginning of 2016, and the new rules will become applicable two years thereafter.

Consumer data protection rights are currently applied differently across the EU resulting in multiple similar lawsuits with varying outcomes. In February 2014 a French court ruled [JURIST report] that Google must display on its French page that they have been fined by the local data-protection watchdog for how they store user information. In January 2014 the UK High Court ruled [JURIST report] that Google can be sued by British citizens. In November 2013 the Dutch Data Protection Agency stated that Google was in violation [JURIST report] of the country’s data protection act. Earlier that month a Berlin court held that 25 of Google’s privacy policies and terms of service violated [JURIST report] Germany’s data protection law.