Frederik Van Remoortel

On June 15, 2015, Justice Ministers in the Council reached agreement on a general approach concerning the General Data Protection Regulation (GDPR). This allows the Council to start negotiations with the European Parliament (which formally adopted its compromise text for the GDPR in March 2014) with a view to reaching overall agreement on the GDPR.

The first so-called trilogue meeting with the Parliament is planned for 24 June 2015. The incoming Luxembourg Presidency has expressed the firm intention to adopt the GDPR by the end of this year. The new GDPR will set forth a new set of rules, valid across the EU and applicable both to European and non-European companies offering their goods and services to data subjects in the EU.

According to the text of the Council, European data protection authorities may impose administrative fines of up to 1,000,000 EUR or, in case of an undertaking, 2 percent of its total worldwide annual turnover of the preceding financial year, on a data controller or processor who, intentionally or negligently, commits certain breaches of the new rules.

The press release of the Council and the full text of the general approach can be found at http://www.consilium.europa.eu/en/press/press-releases/2015/06/15-jha-data-protection/