Implications of the proposed EU laws for data security

blankIn January 2012, the European Commission made public their proposal for changes in the laws governing data security. According to the proposed new laws, Internet companies are bound to protect their users’ data, failing which they will be fined. The rules will apply not only to EU companies but also to non-EU companies like Facebook and Google, which provide services to people from EU countries.
Proposed New Laws
Some of the features of the proposed new laws include a stipulation that websites have to obtain permission from parents when collecting data from users who are aged 13 years or younger; a compulsion to inform users about how their data is being used, and delete any data on the user’s request. The proposed new laws also promote the ‘right to be forgotten’ which was originally aimed at the social media but will be applicable across the web.
What it means, practically?
Stricter Enforcement
These rules will apply even to companies that are based outside the European Union, if they provide services to residents of the EU, or if they monitor the behaviour of citizens of the EU. Companies, which have employees in excess of 250, need to appoint a data protection officer for ensuring new law compliance. Data protection agencies in the different countries will be strengthened so that they can ensure the rules in their regions. They will also have the power to fine companies that do not comply, with fines ranging to 1 million Euros, or up to 2 per cent of the company’s global turnover.
Consent to Store Data
The new rules also make it necessary for companies to explicitly request permission when storing users’ data. Currently, websites and portals assume that a user has given permission to store his data, unless he specifies that his data is not to be stored or used. In the future, they will have to take permission before they collect and store data. In the case of users who are aged under 13, data cannot be collected or stored without parental consent.
Right to be Forgotten
Under this clause, it is mandatory to delete data upon the user’s request, unless there is a specific legal reason for maintaining records of the same. There are very few exceptions to this, and data can be maintained if it is necessary for the ‘purposes of proof’ or “for the protection of the rights of another natural or legal person or for an objective of public interest.”
Breach of Data Security
In the case of breach of data security, the companies must inform their national data protection regulators within a period of 24 hours. They will also have to maintain the appropriate documentation to demonstrate that they are complying with the new rules.
Challenges of Implementation
The new laws, when they are implemented, will certainly pose challenges to companies and Internet websites, on the implementation and maintenance of data. Though reports say that the rules will not be implemented until 2015, now is the right time to start, so that all the processes can be in place when the time comes to follow these rules. Rather than create an entire internal department, it is more logical to opt for data protection by Iron Mountain or a similar specialised firm, which offers reliable and secure data protection. Having a data protection plan will not be optional, but compulsory under the new laws, and companies that begin working on it now, will find it easier to implement later.

Similar Articles



Please enter your comment!
Please enter your name here


Sign Up For Exclusives!

Most Popular

Micro-Schools during COVID-19

An Introduction to Micro-Schools during COVID-19 Parents across the nation are facing a troubling dilemma when it comes to the back to school season....

Is the Keto Diet Right for You?

How to follow the Keto diet The ketogenic or keto diet has become popular as it is simple with significant results. Whether you intend...

DIY Garage Floors Refinishing Tips

DIY Garage Floors Painting Tips DIY tutorials have helped in designing, remodeling, as well as dining. Specifically, it can improve your home project when...