upcoming EU Data Protection update

here is a head start as the draft is ready already:

http://www.mlawgroup.de/news/publications/detail.php?we_objectID=227

1. merging of COPPA law from US.
2. inclusive of non-EU company who may not have a entity in Europe to require a Data Protection Officer.
3. opt-in instead of opt-out for all processing of data. (this could change UI).
4. require of notification of beach in 24 hours
5. impose penalties of up to 2 % of a company’s worldwide turnover in case of severe data protection breaches.