On August the 6th the EDPS gave his opinion on the data reform.
The full text is available at Consilium web site.
The EDPS points out five high level requirements:
- A better deal for citizen: simplicity while:
- Understanding what is personal information
- Exercising their rights on personal data
- All data processing should be both lawful and justified
- Seeking Data Protection Authorities support
- Rules that will work in practice
- Effective safeguards not procedures
- A better equilibrium between public interest and personal data protection
- Trusting and empowering supervisory authority
- Rules which will last a generation
- data protection by design and by default
- data portability
- Unfinished business
- e-privacy directive amendment
- Regulation 45/2001 (EDPS)
- A defining moment for digital rights in Europe and beyond
- Mass surveillance by government is a worrying reality
Personally I totally agree with the EDPS point of view.
I think that some posts in this site are in accordance with the EDPS point of view; see for example:
- simple risk management/Privacy Impact Assessment methods (The PIA concept from directive 95/46 to the current draft of the EU – Conclusion)
- Towards a Data Protection Governance Framework