Today, the European Parliament (EP) voted in favor of the two reports of rapporteurs Jan-Philipp Albrecht and Dimitrios Droutsas concerning the proposed General Data Protection Regulation and the proposed Directive for the law enforcement sector. The support for the report on the proposed Regulation (see here), which the LIBE Committee of the EP had adopted in October last year (see InsidePrivacy, What Companies Should Know About the LIBE Committee’s Amendments to the EU’s Proposed Data Protection Regulation, October 24, 2013), was particularly strong (621 votes in favor out of 653 votes), whereas a considerable minority (276 votes out of 677 with 371 votes in favor) voted against the report on the proposed Directive (see here).

The votes followed a debate on the reform package that took place in the plenary yesterday.  The debate was characterized by strong support for the proposed Regulation.  A few Members of the EP (MEPs) raised concerns in particular in relation to the rules applicable to small and medium-sized companies (SMEs) and the potential impact on freedom of press and health research. However, although several MEPs recognized that the proposed Regulation would not be perfect, the majority considered it to be a step into the right direction and several stressed that it would establish parity of European with non-European companies.

Vice-President Viviane Reding, the EU’s Justice Commissioner, stated in a press release: “The message the European Parliament is sending is unequivocal: This reform is a necessity, and now it is irreversible.” The vote allows the new EP, which will reconstitute in July after the forthcoming elections in May, to build on the work done by the EP in the current term and start negotiations with the European Council. However, negotiations with the Council, comprising representatives of the 28 EU member states, can only start if the Council agrees upon a common approach.

According to the Greek representative of the Council, the Greek Presidency aims to reach at least a partial agreement before the end of its Presidency by the end of June. The Council had intense discussions (with almost 50 days of meetings of the relevant working groups in 2013 and over ten days in 2014), but not much progress has been made. The Council representative referred to the proposed Regulation as the most ambitious piece of legislation in the justice area; since data protection is a cross-cutting issue, scrutiny from several ministries would be required.  It appears that there is still a lack of agreement on a number of significant issues (see, InsidePrivacy, European Council Taps the Breaks – –Adoption of EU General Data Protection Regulation Delayed, October 28, 2013). It therefore appears to be rather unlikely that the proposed Regulation can still be adopted by the end of this year.