In January, the European Commission proposed a comprehensive reform of the EU’s 1995 data protection rules to strengthen online privacy rights and boost Europe’s digital economy. These new rules are set to save businesses around €2.3 billion a year.
Businesses will need to ensure transparency for individuals, who must be provided – in a simple and understandable language – with appropriate information about the processing of their data.
Internet users should be put in a position to make informed decisions about when to disclose their personal information. For example, they need to be told which data is collected, for what purposes and how parties might use it. They must know their rights and understand which authority to address if those rights are violated.
People are to have easier access to their own data and be able to transfer personal data from one service provider to another more easily.
A ‘right to be forgotten’ is aimed at helping people better manage data protection risks online: people will be able to delete their data if there are no legitimate grounds for retaining it.
Penalties of up to €1 million or up to 2% of the global annual turnover of a company will apply, so it’s important to get it right!
At a later stage, once the proposals have been developed, more detailed information will be made available to RDO members.