“The authorities responsible for data protection must be provided with sufficient powers to enforce the law, and they must have sufficient resources to exercise their powers. We need legal certainty and a level-playing field for all businesses that handle personal data of our citizens”, she was quoted by Bloomberg as saying.
Reding also said that companies need to abide by many different interpretations of the EU’s privacy rules. “The administrative burden associated with this fragmentation costs businesses an estimated €2.3 billion ($3 billion) per year,” she said.
The commissioner proposed that there be a “one-stop-shop” for data protection regulation – “one law and one single data protection authority for each business; that of the member state in which they have their main establishment.”
Reding said that the overhaul of EU data protection rules, which she proposed last year, would be published in February, according to Bloomberg.
The commissioner also reiterated her plans to introduce legislation to mandate that companies notify consumers about a data breach. The new rules should ensure that “individuals are sufficiently informed when their personal data is lost, stolen or breached,” she said.