1. The establishment of EU-wide registration forms for databases;
2. Specific new rules on privacy notices, including the promulgation of EU "standard form privacy information notices" and special rules with respect to minors;
3. New rules that strengthen and clarify the concept of consent to the collection, use and transfer of data;
4. A right to demand deletion of data no longer needed for the purpose for which it was collected;
5. Allowing individuals to take his/her photos, medical records or a list of friends from an application or service and transfer them into another one;
6. New rules on what constitutes "sensitive data";
7. New remedies for violations of privacy, including expanded criminal sanctions and empowering data protection authorities with the right to go to court;
8. The establishment of security breach notification rules;
9. Clarification on the legal rules that will attach to data stored in the cloud, regardless of the geographic location of the controller;
10. The possible introduction of an "accountability" principle to ensure compliance with data protection laws;
11. New rules that make the appointment of corporate Data Protection Officers mandatory;
12. Improvements in current procedures for international data transfers, in order to ensure a more uniform and coherent EU approach vis--vis third countries and international organizations;
Cumulatively, these proposed andbroad-sweeping changes would amount to adramaticshift with regard to data protection in the EU.