EU Agrees on Data Protection Rule Reboot

On Dec. 15, after extensive negotiations, representatives of the European Parliament and European Council agreed on a new draft of the General Data Protection Regulation, which would give Europeans greater control over how their personal details get used by organizations and businesses. The new measures would also grant privacy regulators stronger enforcement powers, clarify existing rules relating to the right to be forgotten and impose mandatory data breach notifications on organizations, allowing people to learn when their personal information has been exposed (see EU Prepares Tough Breach Notification Law).