Europe’s new approach to data protection

“Only if consumers trust that their data is protected will they entrust companies with it … We need individuals to be in control of their information”

Viviane Reding, DLD conference, Munich,

Europe is set to issue tough new data protection rules tomorrow in order to protect users. Their aim is to also simplify the EU’s approach to online data protection, making it easier for businesses to comply with the rules.

However, this legislative process is likely to take a couple of years as it will need to be approved by national governments and some might resist. So we’re really looking at 2014 or 2015 before Internet companies will be required to comply and before we will see any real change.

According to a draft of the new powers that Reuters gained access to, the new rules will require companies to notify regulators when data has been stolen/mishandled and that fines will be able to run up to 1% of their global revenues. Individuals will be given the ‘right to be forgotten’ and the ‘right to data portability’, meaning they can easily transfer their data between companies and services.

Source: Reuters

In a different article written by Bloomberg, they disclose that the new EU data-privacy rules will require companies to disclose data breaches within 24 hours of their occurrences. “Companies that suffer a data leak must inform the data protection authorities and the individuals concerned, and they must do so without undue delay,” Reding concurrs.

Source: Bloomberg

As noted above, we won’t see the full details of the new rules until tomorrow, but it’s good to have an idea of what we’re to expect.

How will these new rules effect you and your business?

One Response

  1. EUDataProtection 23rd February 2012