Standardised European Data Protection Law Proposed

As part of modern life, we can lose sight of how much we reveal about ourselves to the world (think social networking sites and store loyalty cards).  For businesses and other organisations that make use of personal information, managing the use of the information lawfully can be a real headache, particularly for those with an international dimension to their business and multiple regimes to adhere to.

The European Commission has issued proposals to strengthen and simplify the existing data protection laws that apply across the European Union.  The intention is to boost Europe’s digital economy by reviving consumer confidence in their online privacy rights.  Introduction of a ‘one-stop shop’ for data protection is proposed to achieve that outcome by replacing the current fragmented and differing systems in each country.

As well as giving consumers greater uniformity of protection, the proposals will save business an estimated €2.3 billion a year in administrative costs.  While business will certainly welcome a standard approach across the EU, there will also be a concern to ensure that the desire to boost consumer confidence in online privacy rights does not detract from the efficient use of personal information for legitimate purposes.

The key reforms proposed include:

  • A uniform set of rules across the whole EU. Removing legal uncertainty and inconsistency across Member States, volumes of paperwork for businesses and overcoming a disincentive and cost to expanding businesses into new areas of the Single Market;
  • Companies will deal with a single national Data Protection Authority (DPA) in the EU Member State where they have their principal place of business, the DPA’s decisions will be binding across the EU area;
  • Serious breaches, such as theft or accidental release of data, should be reported to the DPA within 24 hours (if feasible) and to individuals without undue delay; and
  • Individuals to give explicit consent to data processing or reuse and they will have greater rights in terms of transferring personal data between service providers and deleting data which is no longer required

However, these proposals are only as good as the enforcement they receive (if they become law). DPAs will have stronger investigative and sanctioning powers, including the ability to fine up to €1m or 20% of global turnover of the company for breaches.

For companies which operate branches outside the EU, but contract with individuals within the Single Market, or process their personal details outside the EU, it is proposed that Binding Corporate Rules are introduced to ensure uniformity of protection, regardless of organisations’ internal arrangements.  BCR will be approved by one DPA only and considerably simplify the process.   

As with any EC legislative proposal, it will be years rather than months before the proposals are consulted upon, amended, voted upon and implemented.  However, the proposal does provide some hope that the regulatory burden on businesses trading across Europe may be eased somewhat in the future.

We will keep you updated with data protection developments, in the meantime if you would like professional advice about any of these matters please contact us at 01382 229222.

Kelly Craig
Solicitor – Corporate & Commercial

Join us at the Dundee and Angus Chamber of Commerce ‘Law Week’

We are delighted to be involved in ‘Law Week’ which runs from 6th March – 8th March. Organised by the Dundee & Angus Chamber of Commerce, ‘Law Week’ is a suite of topical, one-hour, legal briefings.

Dates: Tuesday 6th March to Thursday 8th March 2012

Format: A series of one-hour topical law seminars

Times: The first session each day will commence at 8.30am and the last session will conclude at 4.30pm (6pm on Thursday 8th March)

Venue: Dundee & Angus Chamber of Commerce, City Quay, Dundee

Cost: FREE*
(*Any booking cancelled with less than three full working days’ notice will be subject to a cancellation fee of £10+ VAT)

Seminar programme:

  • Absence Management: Curing your sickness headaches
  • Capability: Default retirement age
  • Fire Safety
  • Health & Safety: How safe are your premises?
  • Is there still no such thing as a free lunch?: The Bribery Act 2011
  • Latest Developments in Discrimination Law: Key cases explained
  • Successful Debt Recovery Strategies
  • Survive & Thrive in 2012
  • Twitter and Facebook: Threat or opportunity?

Click here for seminar descriptions and dates and times.

The format allows you to attend the sessions that are most important to you and because each seminar will run twice over the course of Law Week, you have double the chance to get to the seminars you want. Law Week will conclude with a Panel Session to give you the chance to ask questions on topics and issues not covered in the individual seminars.

Law Week is open to DACC members and non-members. Places will be offered on a first-come, first-served basis and if demand is high, may be limited to one person per organisation. So, don’t miss this unique opportunity to get all of your law questions answered in one place at one time.

Register here and make sure of your place.