By Diego Naranjo

In January 2012, the European Commission, following extensive consultations, published a draft Regulation. The initiative had three priorities – modernisation of the legal framework for the protection of personal data, harmonisation of the rules across the EU (proposing a single Regulation rather than a Directive that is implemented via 28 national laws) and maintaining existing levels of protection. These goals were to be underpinned by more efficient implementation measures.

After three years of discussions following the first proposal being made by the European Commission (and a first reading by the European Parliament that was finalised in 2014), the Council has decided to agree on a new text (a “general approach“) that will be the object of current trilogues.

The trilogue discussions between the three institutions officially started on 24 June 2015 with the first meeting in Brussels. In order to explain the process, we will be publishing information and analysis in this document pool. We will update this post as the negotiations advance.

GDPR_trialogues_infographics
If you would like to know more about specific parts of the Regulation, please go to EDRi’s detailed analysis on the original proposal made by the Commission at ProtectMyData.eu.

For more analysis and campaign materials go to the EDRi data protection archive.

Selected Documents (a more exhaustive collection of documents can be found on Carlo Piltz’ website):


The calendar of the negotiations is:

24.06.2015: Brussels  (subject to agreement with Commission and Council)
1st Trilogue Meeting on the Regulation
Draft Agenda:
Commitment for the Directive in Council
Agreement on the overall roadmap for Trilogue negotiations
General method and approach for delegated and implementing acts

– 14.07.2015: Brussels (subject to agreement with Commission and Council)
2nd Trilogue Meeting on the Regulation
Draft Agenda:
Territorial scope (Article 3)
International transfers (Chapter V)

– Further Trilogue roadmap
(All subject to agreement with Commission and Council)

September
Data protection principles (Chapter II)
Data subject rights (Chapter III)
Controller and Processor (Chapter IV)

October (15th in Brussels, and 28th in Strasbourg)
Data Protection Authorities (Chapter VI)
Cooperation and Consistency (Chapter VII)
Remedies, liability and sanctions (Chapter VIII)

November (11th-12th in Brussels and 24th in Strasbourg)
Objectives and material scope, flexibility public sector (Chapter I)
Specific regimes (Chapter IX)

December (10th in Brussels and 15th in Strasbourg)
Delegated and Implementing Acts (Chapter X)
Final provisions (Chapter XI)
Other remaining issues

Vote in the LIBE Committee (17.12.2015)

Twitter_tweet_and_follow_banner