“17 years ago less than 1% of Europeans used the internet. Today, vast amounts of personal data are transferred and exchanged, across continents and around the globe in fractions of seconds,” ~ EU Justice Commissioner Viviane Reding, the Commission’s Vice-President
Just as Internet giants Wikipedia and Google recently helped stall and cripple the highly controversial Stop Online Piracy Act (SOPA) bill, European regulators are seeking to impose their own modified version on business with a new round of EU Data Bills.
The EU Commission moved to propose a new bill that reforms the 1995 data protection rules, which it hopes will save businesses up to €2.3 billion a year. It also hopes to simplify fragmented operating procedures and reinforce consumer privacy when transacting online.
For instance, the proposed bill states:
Organisations will only have to deal with a single national data protection authority in the EU country where they have their main establishment. Likewise, people can refer to the data protection authority in their country, even when a company based outside the EU processes their data. Wherever consent is required for data to be processed, it is clarified that it has to be given explicitly, rather than assumed.
However, others call it burdensome to business and probably more expensive to implement.
“Organizations that fail to issue notifications about a personal data breach in a timely or complete fashion to the supervisory authority will face fines of up to 2 percent of their current revenues,” said PC Mag.
This means penalties as high as €1 million could be imposed on providers who fail to secure customer data.
According to an EU press release, the proposals will be passed on to the European Parliament and EU Member States for discussion. They will take roughly 2 years to pass.
“In the digital age, the collection and storage of personal information are essential. Data is used by all businesses – from insurance firms and banks to social media sites and search engines,” said the EU.
“In a globalized world, the transfer of data to third countries has become an important factor in daily life. There are no borders online and cloud computing means data may be sent from Berlin to be processed in Boston and stored in Bangalore.”
The new bill thus aims to rectify this by complementing it with other legal instruments, such as the e-Privacy Directive for the communications sector. There are also specific rules for the protection of personal data in police and judicial cooperation in criminal matters.
The PC Mag article featured an interview with a leading IT security company that “remained unconvinced that legislating around the disclosure of breaches actually provides any real incentive for organizations to employ best practices when it comes to data security. Let’s face it, imposing a fine or a time limit is just like putting a plaster over a gaping wound — it only goes so far.”
Other observers say the bill may have some value to consumers, and that the cost of not complying exceeds the damage done by an actual breach.
“However many companies will have to perform privacy impact assessments at a cost of around €14,000 (US$18,163). Companies with more than 250 people will also have to appoint a data protection officer,” said PC Mag.
This article was brought to you by VI.net, for dedicated server hosting, cloud servers and 24/7 support visit our site here www.vi.net