Council of European Municipalities and Regions (CEMR)
European section of United Cities and Local Governments

Home / News / In-depth news / Data protection
next > < previous

Local and regional governments as service providers

Data protection - 12.03.2014

“The new EU personal data protection regulation is not suitable for the public sector”
European local and regional authorities are disappointed that the European Parliament has maintained its main focus on the digital giants of the internet such as Google, Facebook or Amazon. Local and regional authorities had expected a revised legislation suitable for the public sector as well, as the current directive is outdated. Public authorities use personal data for the general public administration to be able to provide services to its citizens, not for commercial purposes witnessed in private sector. 

For CEMR members many of the EP amendments will heavily increase the administrative burden and create additional costs to local and regional authorities without actually benefitting citizens or improving their data protection rights.​

A much more complex procedure for public sector

CEMR is of the opinion that EP amendments are much too detailed for public administration when it comes to regulating procedures, notification and communication requirements, risk analysis and impact assessments, prior consultation and designation of data protection officers with specific tasks and requirements. The EP also interferes and attempts to regulate the use of human resources in public authorities which goes against general labour market principles. Furthermore CEMR shares the concern that EU’s ambition in the Horizon2020 on health research as an investment in better health for all might be undermined with the adopted text.

The new regulation leads to disproportionate costs for local government

Local and regional authorities support a comprehensive reform of data protection rules to guarantee citizens’ rights. However we believe that the implementation of the new regulation would create costs for public authorities that are disproportionate to the expected benefits for the citizens. For instance, as reported by the UK government, the total net cost for implementation of the new regulation in the UK could reach the amount of €292 million (£250 million) per year. In Finland the estimated cost for local and regional authorities alone would reach up to €200 million in the first years after implementation.     

We understand that the European Parliament wanted to adopt the new regulation before finishing its mandate. However, we still believe that the next Commission and Parliament should come up with a new proposal more adapted to local and regional reality
Notes to editors:

CEMR’s position on the European Commission’s proposal on general data protection regulation is available online
Développez vos ventes : conseil marketing Organisation - Audit, conseil, coaching, formation référencement sur Google de site Internet - Audit, conseil, coaching, formation Référencement naturel sur Google, SEO