The proposal for reform of the EU's privacy and data
protection laws look to be very ambitious and far reaching. Under
the proposals, the "patchwork" of data protection laws
and reporting requirements across Europe will be replaced with a
single set of rules for all 27 member states.
The proposal's centrepiece is a new draft General Data
Protection Regulation. The most controversial parts of the draft
regulation are the sanctions for regulatory breach. Although Member
States are to specify the exact rules for enforcement, the draft
Regulation states that maximum fines may be up to 2% of a
company's annual worldwide turnover. This will represent a step
change in the consequences of non-compliance.
Another significant change, affecting large employers, is that
they will be required to appoint data protection officers.
Organisations with more than 250 employees will have to designate a
data protection officer to ensure that they deal with the personal
information of staff and customers correctly.
The draft regulation will need to be approved by the EU Member
States and ratified by the European Parliament. It is expected that
it could take at least two years before the regulation is adopted.
However, given the wide-ranging nature of the regulation,
organisations should starting thinking now about how they will
comply with it.
On 28 January 2014, Viviane Reding, Vice-President of the European Commission, and Justice Commissioner, gave a speech at the Center for European Policy Studies (CEPS) think tank, calling for "A data protection compact for Europe".
On February 4, 2014, the Mexican data protection authority, the Institute of Access to Information and Data Protection (IFAI), issued a statement to Bloomberg BNA announcing it anticipates issuing an abundance of fines in 2014 following an unprecedented increase in violations of Mexico’s Federal Law on the Protection of Personal Data in the Possession of Private Parties (the Federal Law).
The ‘Future of the Cookie Working Group’, established by the International Advertising Bureau (IAB) in 2012, has published a white paper titled ‘Privacy and Tracking in a Post-Cookie World’, which addresses the limitations of the traditional cookie.
Latest plans announced by the UK's Health and Social Care Information Centre (HSCIC) have resulted in a flurry of media controversy condemning NHS England (NHS) for advocating the sale of patient data to third parties for profitable gain.
The High Court’s decision to allow Safari users to bring their claim against Google in the English courts is of significant importance, demonstrating a shift in approach by the courts to how they deal with the impact of the disclosure of personal data.
The ICO has had a busy January with some key updates to note for the start of 2014
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”