EU Agrees On New Data Protection Rules

The European Union ushered in new rules regarding data protection on Tuesday, allowing citizens to better control their personal data and keeping businesses in check by threatening rule breakers with heavy fines.

The eagerly-anticipated rules will come into effect by early 2018, and will be law across the 28 European Union member states.

Pan-European

“These new pan-European rules are good for citizens,” said Vera Jourova, the European justice commissioner on Tuesday.

“Citizens and businesses will profit from clear rules that are fit for the digital age, that give strong protection and at the same time create opportunities and encourage innovation in a European Digital Single Market.”

As part of the new rules, a General Data Protection Regulation will be implemented to enable people to have more power over their personal data. A further ‘Data Protection Directive’ for the police and criminal justice sector will also make sure that the data of victims, witnesses, and suspects of crimes, are protected.

The EU called the reforms “a fundamental right for citizens”, whilst also giving the EU a chance to boost the boost the Digital Single Market.

“Today’s agreement is a major step towards a Digital Single Market. It will remove barriers and unlock opportunities. The digital future of Europe can only be built on trust,” said Andrus Ansip, vice president for the Digital Single Market, an initiative set up by the EU to ensure “free movement of goods, persons, services and capital”.

The new rules have been welcomed by some companies. A Fujitsu spokesperson said today: “The news that new EU Data Protection regulations are likely to be agreed upon should be largely welcomed, as it will promote consistent data protection requirements in each country and a single reporting and compliance regime.”

For citizens in the EU, the major reforms include easier access to personal data, a right to data portability, a clarified “right to be forgotten”, and the right to know when your personal data has been hacked.

For businesses, the new regulations will establish one single set of rules that should make it simpler and cheaper for companies to do business in the EU. Companies based outside of the EU will have to apply the same rules when offering services within the EU, and the regulations will further guarantee that data protection safeguards are built into products and services from the earliest stage of development.

“Our next step is now to remove unjustified barriers which limit cross-border data flow: local practice and sometimes national law, limiting storage and processing of certain data outside national territory,” said Ansip. “So let us move ahead and build an open and thriving data economy in the EU – based on the highest data protection standards and without unjustified barriers.”

Take our data breaches of 2015 quiz here!