Europe News

EU lawmakers: Respect data privacy or face fines

The European Parliament in Belgium
Getty Images

Companies such as Google and Facebook could be hit with fines of up to 100 million euros ($137 million) for breaking data sharing rules under a radical overhaul of European data protection laws.

Members of European Parliament (MEPs) in the civil liberties committee voted in favor of strengthening the European Union's (EU) data protection laws. The move paves the way for negotiations with EU countries over the implementation of the policy, which has not yet been made into legislation.

The parliament's vote comes after MEPs staged a series of inquiries into revelations that the United States has been spying on European Union citizens, creating tension between the two blocs.

"The vote by the European Parliament's leading committee is a strong signal for Europe. It paves the way for a uniform and strong European data protection law that will cut costs for business and strengthen the protection of our citizens: one continent, one law," said Viviane Reding, the EU's Justice Commissioner in a statement.

(Read more: EU threatens to halt terrorist fund tracking deal with US)

The initial blueprint for the laws, the first reform since 1995, was set out by the European Commission, the EU's executive arm, in early 2012. New technology and the boom of social media have led the EU to table reforms that will create a single legal framework across all countries in the 28-nation bloc.

Nearly 4,000 amendments have been tabled by MEPs including increasing the fine to 5 percent of annual worldwide turnover of a company or 100 million euros, whichever is greater, from the 2 percent proposed by the Commission.

Europe votes on data protection reform

Parliament's suggestions also build on the Commission's plans for personal information held by firms to be deleted on request, by introducing a "right to erasure" rule, meaning that third parties holding personal data should delete it too.

If a third country requests personal information from a company that was processed in the EU, the firm would have to seek authorization from the national data protection authority before transferring any data and inform the individual.

(Read more: US spying a 'slap in the face': EU lawmaker)

The EU has locked horns with a number of technology companies over the past year. Facebook, Yahoo!, Google and other Internet-based firms, are concerned it will damage their business, impose costly burdens and limit their ability to target goods at consumers.

But some analysts do not believe this will change the way data is recorded.

"I don t think there is a fundamental change in the principles about the way they hold data," Chris Forsyth, partner at Freshfields Bruckhaus Deringer, told CNBC.

"The thrust of data regulation in Europe is towards what they call personal data, which is defined as being data relating to an identifiable individual. So once you aggregate that data and reduce it to trends without identifying the individuals then there's less concern."

Parliament will now start negotiations on introducing the reform with national governments and hopes to reach an agreement on the legislation before the May 2014 European elections.

—By CNBC's Arjun Kharpal: Follow him on Twitter @ArjunKharpal