New Data Protection Laws

Irish Times have a very good piece about the new proposals for Data Protection in Europe including:

  • A single set of rules will apply across the EU
  • Less paperwork for companies, as “unnecessary” administrative requirements will go
  • Organisations and citizens will deal with a single data protection authority in the EU country where organisations have their main base
  • Organisations must notify their data protection authority and affected citizens of data breaches within 24 hours
  • Data breaches, or repeated failure to comply with the law, can draw fines of up to €1 million or 2 per cent of annual global revenue
  • EU rules must apply abroad when companies with an EU base handle EU citizen data abroad
  • Citizens have the right of “data portability”, to move data from one online service to another
  • Citizens have the “right to be forgotten” – online services must permanently remove data a person has uploaded, on request

Full article at http://bit.ly/wpoVNN