Reding outlines data privacy plans for companies in Europe

European commissioner for justice, fundamental rights and citizenship, Viviane Reding, has warned companies operating in the EU that they will face court action if they break forthcoming European data laws.

Reding, who is currently preparing the new laws, warned that the EU would not hesitate to take action against non-EU companies that broke local laws on data collection and retention.

"To enforce the EU law, national privacy watchdogs shall be endowed with powers to investigate and engage in legal proceedings against non-EU data controllers whose services target EU consumers," she said.

"Stakeholders at a recent public consultation on data protection asked me to make clear that our data protection rules also apply to data retention. Storage of data is already included in the broad definition of 'processing' but the general public is unaware that processing includes storing/retention."

She explained that EU law would be based on four central principles. Firstly, citizens had to have a "right to be forgotten", to opt out of data collection and for those companies collecting it to prove a need to store the information.

Second, companies will have to be transparent on what data they are collecting and with whom it is shared. This was particularly important for young people on social networking sites she said.

"The third pillar is 'privacy by default'. Privacy settings often require considerable operational effort in order to be put in place," she said.

"Such settings are not a reliable indication of consumers' consent. This needs to be changed."

Finally, these laws must protect all EU citizens no matter where they are in the world. For example, third-party telecommunications companies would be bound by them whenever they processed data from an EU account.

The other area that needs attention is law enforcement. Reding proposed that these same rules should apply to law enforcement organisations that were seeking to access commercial data as part of ongoing investigations.

Legislative proposals on the new data protection rules would be released this summer, she said.