There have been various press reports over the last couple of days on the Irish Presidency’s memo to the EU Council of Ministers’ on the draft data protection Regulation. The memo has been reported as a watering down of the Commission’s proposals.
The Presidency encourages further consideration of a more risk based approach to compliance, with an alleviation of some of the burdens of the new Regulation where processing of data is limited or involves pseuodonymous data. They have also asked the Council to consider whether the controversial requirement for organisations to appoint a data protection officer could be made optional, with possible incentives in the form of reduced regulation where an organisation does appoint a DPO.
Datonomy’s view is that although the memo is a step in the right direction it is a tentative one which fails to delve into specifics or tackle the more controversial provisions of the draft Regulation. The jury is still out and the votes on the Regulation over the next few months are likely to provide a better guide to where the Regulation will finally land.