Side wave Side Wave Pink

EU approves new data protection laws

Opinion and industry comment, Trends, Tech industry news

EU approves new data protection laws

14th April 2016

The European Parliament today gave final approval to new data protection rules. A vote by MEPs passed the first reform of data protection protocol since the current rules were put in place in 1995.

Citizens are set to gain more control over how their private information is used in the digital era as a result of the new rules.

Among the key provisions is:

  • a right to be forgotten.
  • a requirement for "clear and affirmative consent" to the processing of private data by the person concerned.
  • a right to transfer your data to another service provider.
  • the right to know when your data has been hacked.
  • ensuring that privacy policies are explained in clear and understandable language.
  • stronger enforcement and fines up to 4% of firms' total worldwide annual turnover, as a deterrent to breaking the rules.

So, in future companies and organisations will by legally bound to tell you if they have been hacked and your data might have been exposed. They will have to inform you within 72 hours of the hack taking place. This, coupled with the promise of heavy fines, is clearly aimed at ending a culture in which some companies have hushed up data breaches in order to avoid embarrassment and PR disaster. The onus will increasingly be on those holding data to tighten up security and improve monitoring.

The new rules will also create a single law on data protection across the EU, something the European Parliament claims will make life easier for businesses to ensure they are compliant with the regulations.

Jan Philipp Albrecht MEP said: "The general data protection regulation makes a high, uniform level of data protection throughout the EU a reality. This is a great success for the European Parliament and a fierce European 'yes' to strong consumer rights and competition in the digital age. Citizens will be able to decide for themselves which personal information they want to share.

"The regulation will also create clarity for businesses by establishing a single law across the EU. The new law creates confidence, legal certainty and fairer competition."