The European Parliament has approved reforms to the Commissions Data Protection Directive of 1995, which will see individuals given greater control over information held on them by organisations and a right to be informed in the event of any data breaches.
German Euro MP Axel Voss authored the report now approved by the European Parliament, which recommended people must be able to have personal data easily deleted, corrected or blocked.
It has long been anticipated that the EU will make businesses more accountable for data breaches.
The vote came shortly after the UK’s Information Commissioner published his annual report, which showed that private sector companies reported the most data security breaches of any sector in the past year.
But while many in business have been dismayed at the prospects, the vote in the European Parliament strengthens the hand of those looking to sharpen data protection laws.
“Putting people back in control of their personal data is a priority for me,” said EU justice commissioner Viviane Reding, speaking in response to the vote.
The European Commission is currently drafting legislation to modernise European data protection rules, which are expected to be finalised by the end of the year.
The UK’s Information Commissioner was sharply critical of business leaders’ response to incidents of data breaches.
According to the ICO’s latest report, just 19 per cent of private sector businesses contacted by the ICO were willing to submit themselves to data protection audits.
“Lenders, general businesses and direct marketing companies account for almost a third of total complaints to the ICO, and businesses were the top sector for reporting data security breaches to us last year. Despite this, many of them are still resisting our offer to undergo audit,” said Christopher Graham, the Information Commissioner.
“We’ve written to organisations we consider to be high risk but the response has been disappointing,” he added.