The proposal for reform of the EU's privacy and data
protection laws look to be very ambitious and far reaching. Under
the proposals, the "patchwork" of data protection laws
and reporting requirements across Europe will be replaced with a
single set of rules for all 27 member states.
The proposal's centrepiece is a new draft General Data
Protection Regulation. The most controversial parts of the draft
regulation are the sanctions for regulatory breach. Although Member
States are to specify the exact rules for enforcement, the draft
Regulation states that maximum fines may be up to 2% of a
company's annual worldwide turnover. This will represent a step
change in the consequences of non-compliance.
Another significant change, affecting large employers, is that
they will be required to appoint data protection officers.
Organisations with more than 250 employees will have to designate a
data protection officer to ensure that they deal with the personal
information of staff and customers correctly.
The draft regulation will need to be approved by the EU Member
States and ratified by the European Parliament. It is expected that
it could take at least two years before the regulation is adopted.
However, given the wide-ranging nature of the regulation,
organisations should starting thinking now about how they will
comply with it.
The education sector is rapidly embracing technology. Laptops, tablets and internet connected devices are increasingly the first choice learning tool for students and staff across schools and universities.
Welcome to the August Global Data & Privacy Update. This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news...
The UK decision to leave the EU will not affect existing data protection and privacy laws in the UK. These laws (the UK Data Protection Act 1998 (DPA) and the Privacy and Electronic Communications Regulations 2003 (PECR)) protect people's personal data as well as ensuring that organisations have clear rules and a legal basis when collecting and using such data.
In April, we reported that the EC had opened a public consultation seeking the views of various stakeholders on the current wording of, and possible changes to, the Privacy and Electronic Communications Directive.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).