The regulation to standardise data protection rules and crimes across the European Union is "perhaps the most lobbied" in the history of the European commission, Christopher Docksey said.
"There are some undesirable changes going on. They [several firms and EU member states] are favouring big data, rather than big data protection," he said.
The much anticipated new data protection rules could be completed as soon as June this year, when it will be reviewed before being instated as law, he revealed.
The commission has already completed chapters on contract processing, the international transfer of data between EU countries and tricky issues like employment research.
He hinted that data controllers - which will include firms, local authorities and service providers that use customer or public data - will be held more accountable for data breaches once the new framework is published. He said that penalty costs "were vital to achieve compliance".
Docksey added that technology had greatly influenced the EU's common agreement.
"When you put big data, cloud and the Internet of Things together, you have a new landscape of rules," he said.
Current law enforcement currently does not correlate across EU member states, meaning firms who hold information on customers in several countries are at risk of breaching data protection rules in different sovereignties.
As it stands the law surrounding data protection "is terrible", Docksey added.