THE EU’S parliamentary body has pushed through data protection reform that could end up costing businesses millions of pounds.
The General Data Protection Regulation (GDPR) was approved by the European Parliament last week, and gives EU citizens greater control over how their personal data is stockpiled by companies.
Fierce European ‘yes’
Several provisions have been included within the rules for European citizens and businesses, including a right to be forgotten for individuals, a right to transfer your data to another service provider and the right to know when your data has been hacked.
“This is a great success for the European Parliament and a fierce European ‘yes’ to strong consumer rights and competition in the digital age,” said Jan Philipp Albrecht, member of the Greens/European Free Alliance, who steered the legislation through parliament.
“The regulation will also create clarity for businesses by establishing a single law across the EU. The new law creates confidence, legal certainty and fairer competition,” he added.
‘Firms will need to take time to plan’
In a blow to international businesses, the regulation also implements ‘stronger enforcement’ against companies which holds Europeans’ data, applying fines of up to 4% of firms’ total worldwide annual turnover, or €20m (£15m) as a deterrent to breaking the rules.
The provisions will be directly applicable in all member states two years after the new rules are published in the EU Official Journal.
Due to the UK and Ireland’s special status regarding justice and home affairs legislation, the directive’s provisions will only apply in these countries to a limited extent.
“The data protection impact assessments will require companies to formalise their documentation showing exactly what they are doing with customer data and who can access it,” says Sachiko Scheuing, european privacy officer at Acxiom.
“If not in terms of budgetary investment, firms will need to take time to plan for this major initiative.”
Alex Traill, professional indemnity partner at risk and insurance law business BLM, previously warned of the risks posed to FD’s by the EU’s data protection rules
Join Financial Director, Oracle and a host of ‘Fast Data’ experts to discover how financial professionals can help create a Fast Data business
Yahoo’s data breach highlights difficulty in determining whether unauthorised access to data has occurred
Cyber risk is a dynamic threat as criminals seek more creative ways of extracting value from reputable businesses. The new wave of attackers are sophisticated and skilled, and may lie low inside a network for weeks, or months, before taking definitive actions
The biggest threat of turmoil relates to uncertainties over the US November elections. The markets will have to seriously consider the possibility of Donald Trump being elected
What can you do to ensure your employees know the company policy and stick to it? Hear from other CFOs and experts in our free-to-view video