Brussels, 20/02/2013 (Agence Europe) - On Wednesday afternoon 20 February, the industry, research and energy committee at the European Parliament (ITRE) adopted its opinion on reforming personal data protection rules (33 votes in favour, 4 against). This opinion reflected rather closely the concerns expressed by industry, particularly SMEs, which were afraid of being financially overwhelmed by some of the provisions. It was also quite close to the European Commission's initial proposals of January 2012, which suggested an exemption for all companies employing fewer than 250 workers from having to employ a data protection supervisor.
The rapporteur responsible for this issue, Sean Kelly (EPP, Ireland), explained in his report (with more than 1,000 amendments) that these new rules should help to avoid excessive red tape for companies, particularly those that had internal procedures for data protection accountability. He also said that it would help to guarantee a certain degree of flexibility with regard to some of the provisions in the regulation, particularly those on the responsibility mechanism and notification to the control authority. On 19 February, European SMEs at the UEAPME expressed misgivings about all SMEs being subject to the obligation of employing a data protection officer and warned MEPs against the temptation of exclusively focusing on solving problems with giants such as Facebook or Google (see other article below). The UEAPME is particularly concerned by the direction taken by the LIBE committee and its rapporteur Jan Philipp Albrecht (Greens/EFA, Germany), which seeks to determine SME exemptions on a quantitative basis, which the UEAPME considers quite inappropriate. It would prefer to see decisions based more on the kind of activity the company in question is engaged in. Therefore, should a company with a contact list of more than 500 people a year be entirely covered by the regulation? (EUROPE will be returning to the question of the vote tomorrow.) (SP/transl.fl)