Justice ministers at the European Commission (EC) have at last provisionally approved a finalised version of the laws, meaning that they can now move on to the next stage of the ratification process – final discussions between the European Parliament, the EC and the Council of the European Union.
The first meeting between the three will take place on 24 June and it is hoped that the new laws will be implemented before the end of 2015.
The main aim of the proposed legislation is to ensure that all firms in Europe follow the same data protection laws rather than having a patchwork of different rules across nations.
The move is in line with EU plans for a Digital Single Market and is designed to make life easier for large enterprises and SMBs to operate in the EU with confidence in a unified data protection regime.
It will also ensure that non-European companies operating in the region will have to adhere to the new regulations – which could spell trouble for major US cloud providers such as Amazon, Microsoft and Google, and the demands of the US government.
In addition, data protection authorities will have increased fining powers. If the law is passed, they will be able to issue fines of up to €1 million for non-government organisations and charities and up to 2% of global turnover for enterprises that fail to comply.
Find out more about Microsoft’s compliance at the Office 365 Trust Centre