Thursday, March 13, 2014
With 621 votes in favour of the Regulation (10 against and 22 abstentions) on the 12th of March 2014, the European Parliament has secured the support given at committee level to the European Commission's data protection reform.
With the constant abuse and misuse of personal data, this reform is more than ever a necessity to return and strengthen the data protection rights of the people. Companies will have to step up to complying with the Regulation and put data protection compliance top on their agenda - or face the consequences of breach.
Through this
reform, several changes are noted and include the following points:
- The Regulation will establish a single law on data protection in the EU and replace the current conflicting national laws. This blanket of uniformity means that companies will have one law to deal with instead of the differing national laws which have proven to be quite problematic and time-consuming to deal with under the current 1995 Data Protection Directive. Whilst some national laws are quite stringent, there were others which are regarded as watered-down equivalents. The benefits have been estimated at 2.3 billion EUR per year.
- There will be one single supervisory authority which will make it easier and cheaper to do business in the EU.
- Enforcement powers will be stronger and companies outside the EU must comply with the same rules, failing which, data protection authorities are equipped to fine wayward companies a much higher fine (up to 100 000 000 EUR or up to 5% of the worldwide annual turnover in case of an enterprise, whichever is greater) than currently.
- Economic growth is encouraged, especially with regard to small and medium enterprises (SMEs) where several exemptions will apply.
- "Privacy by design" whereby data protection safeguards are built into products and services from the earliest stage of development rather than a case of "going back to the drawing board" and "Privacy by default" whereby privacy-enhanced default settings are the norm are two important elements in the EU data protection rules.
The bottom line is that, data subjects will have control over their personal data and companies who are still lagging behind in safeguarding personal data entrusted to them are in for hot water if they refuse to priotise the seafety and security of the data.
Feeble excuses for non-compliance often heard such as "no one ever gets caught anyway", "nobody else is doing it", or "we've other things which are more important" will thankfully, have to exit.
Category: