On October 24th, at the European Council summit in Brussels, leaders from the 28 EU member states agreed to push back the deadline for the adoption of the new EU data protection framework, agreeing that the deadline should be in 2015, rather than the May 2014 deadline that the European Parliament and European Commission had set out. In light of this, it appears that there is still much diversion amongst the viewpoints at the European Council level.

Earlier in the week, the European Parliament’s Civil Liberties Committee (LIBE) voted to back a version of the proposed data privacy framework, which leans heavily towards consumer protection and includes a number of controversial privacy rules, including steep sanctions for violations, strict explicit consent requirements, a “right to be forgotten,” and a requirement for companies to obtain regulator approval prior to disclosing any EU personal information in response to requests from governments outside the EU.

The approval of the framework by the European Parliament came after nearly two years of debate and heavy lobbying – and the swift approval is attributable, at least in part, as a response to the NSA spying scandal. The delay by the European Council could lead to the final outcome of the new EU Data Protection Regulation being less influenced by the Snowden leaks and the NSA scandal.

Click here to read DLA Piper’s analysis of the parliamentary vote.