E.U. Panel Backs Plan to Shield Online Data

The vote, by an influential committee at the European Parliament, is part of efforts in Europe to shield citizens from online surveillance in the wake of revelations about a far-reaching spying program by the National Security Agency of the United States. The legislation has been under consideration for two years.

The panel, meeting in Strasbourg, France, also endorsed ways of tightening other privacy rules, including fines that could run to billions of euros on the biggest technology companies if they fail to adhere to rules like limiting the sharing of personal data.

The measure, if accepted by Europe, is expected to face fierce lobbying from American officials and technology companies. The legislation would still require the approval of governments and the full European Parliament.

“This evening’s vote is a breakthrough for data protection in Europe and would overhaul E.U. rules, ensuring they are up to the task of the challenges in the digital age,” said Jan Philipp Albrecht, a German member of the Committee on Civil Liberties, Justice and Home Affairs.

Mr. Albrecht, who is steering the legislation through the European Parliament, added that the committee had “voted to make clear that it is exclusively E.U. law that applies to E.U. citizens’ private data online regardless of where the business processing their data has its seat.”

Timothy Kirkhope, a British member of the committee, said before the vote, “A more principles-based and less prescriptive regulation would have been a better outcome.”

After the vote, groups representing the technology industry pressed European leaders to oppose some of the measures.

John Higgins, the director general of DigitalEurope, which represents companies including Apple, Microsoft and I.B.M., criticized the measure and urged member states to look critically at it. “Rushing through a half-baked law risks throwing away a vital and much needed opportunity to stimulate economic growth,” he said.

Under current drafts of the legislation, fines would run as high as 100 million euros, ($137 million) or 5 percent of a company’s global annual revenue, whichever is higher, rather than a cap of 2 percent, which was the figure proposed by Viviane Reding, the European commissioner for justice, who wrote the original draft of the legislation.

Lawmakers want to pass the final bill before spring, partly to burnish their chances of success in European Parliament elections in May. That timetable is strongly supported by Ms. Reding.

European leaders are expected to meet in Brussels on Thursday and focus their discussions on using technology to drive economic growth and create jobs. A document circulated before the meeting also indicated that leaders planned to acknowledge a need “to foster the trust of consumers and businesses in the digital economy.”

The committee vote on Monday night, which Mr. Albrecht said had been delayed twice since April by intense lobbying, gives Mr. Albrecht a mandate to begin negotiating the final legislation with the European Council, the body representing member governments.

Two years ago, Washington successfully lobbied Europe to abandon a similar measure that would have shielded Europeans from requests by American authorities to share online data gathered by some of the biggest American Internet companies, many of whose users live in Europe.

For technology companies, the concern about the pending legislation is likely to focus more on the high fines for infractions, and on restrictions on sharing personal data that could limit their ability to gain revenue from advertising and offering new services.

Mark Scott contributed reporting from Berlin.