Data protection invests in user
EU reviews data protection review spells change for file-sharing
Modifications to European data protection rules will give users better control over their data and also reduce costs for businesses, according to the justice commissioner. In terms of a proposal by the European commission there will, in future, be a single set of data protection rules across the whole of the EU.
According to the commission the new legislation will mean increased accountability and responsibility for those who process personal data. Organisations and companies will be obliged to report any serious data breaches to their national supervisory authority as soon as possible.
Under the proposed legislation, national data protection authorities will have more power to ‘better enforce’ European Union rules in their home countries. They will also be able to fine companies that are in violation of EU data protection rules.
It is expected that these proposals will result in fines of up to €1m for those who fail to adhere to the proposed legislation.
Other important changes to data protection rules are as follows.
- The introduction of general data protection rules and principles for judicial and police cooperation in criminal cases. These rules will apply to both cross-border and domestic transfers of data.
- Companies will only have to deal with one national data protection authority, the one in the country where their company is registered.
- Individuals will enjoy easier access to their private data and will also be able to transfer this data from one service provider to another with greater ease.
- Individuals will have the ‘right to be forgotten’, which is to say the right to have his or her data deleted if there is no legitimate reason for it to be retained.
- EU rules will also apply to personal data being handled abroad by companies that are active in the European Union market.
According to EU justice commissioner Viviane Reding, it was vital for the rules to be amended. 17 years ago, she stated, only one percent of European citizens had access to the internet. She added, “The protection of personal data is a fundamental right for all Europeans… My proposals will help build trust in online services because people will be better informed about their rights and in more control of their information.”
Not everyone agrees with her, however. The Information Commission Office (ICO) said that although it welcomed the announcement in general, it felt that the EU proposals were unhelpfully and unnecessarily over prescriptive in some places. It said, in a statement, “The proposal also fails to properly recognise the reality of international transfers of personal data in today’s globalised world and misses the opportunity to adjust the European regulatory approach accordingly.”
The chief operating officer of Facebook, Sheryl Sandberg, did not criticise the proposals directly, but her remarks at the Digital Life Design Conference in Munich are considered to be a reference to these proposals. She said, “We are investing in technology, we are investing in basic education so that people can take advantage of these tools. We want to make sure we have the right regulatory environment, a regulatory environment that promotes innovation and economic growth.”