OpenStack 01/25/2018 (a.m.)
- The European Commission, on January 24, published its guidance aimed to facilitate a direct and smooth application of the European Union’s new data protection rules across the EU as of 25 May. The Commission also launches a new online tool dedicated to SMEs.
With just over 100 days left before the application of the new law, the guidance outlines what the European Commission, national data protection authorities and national administrations, according to the Commission, should still do to bring the preparation to a successful completion.
The Commission notes that while the new regulation provides for a single set of rules directly applicable in all Member States, it will still require significant adjustments in certain aspects, like amending existing laws by EU governments or setting up the European Data Protection Board by data protection authorities. The Commission states that the guidance recalls the main innovations, opportunities opened up by the new rules, takes stock of the preparatory work already undertaken and outlines the work still ahead of the European Commission, national data protection authorities and national administrations.
Andrus Ansip, European Commission Vice-President for the Digital Single Market, said: “Our digital future can only be built on trust. Everyone’s privacy has to be protected. Strengthened EU data protection rules will become a reality on 25 May. It is a major step forward and we are committed to making it a success for everyone.”
Vĕra Jourová, Commissioner for Justice, Consumers and Gender Equality, added:” In today’s world, the way we handle data will determine to a large extent our economic future and personal safety. We need modern rules to respond to new risks, so we call on EU governments, authorities and businesses to use the remaining time efficiently and fulfil their roles in the preparations for the big day.”
- One set of rules across the continent, guaranteeing legal certainty for businesses and the same data protection level across the EU for citizens.
- Same rules apply to all companies offering services in the EU, even if these companies are based outside the EU.
- Stronger and new rights for citizens: the right to information, access and the right to be forgotten are strengthened. A new right to data portability allows citizens to move their data from one company to the other. This will give companies new business opportunities.
- Stronger protection against data breaches: a company experiencing a data breach, which put individuals at risk, has to notify the data protection authority within 72 hours.
- Rules with teeth and deterrent fines: all data protection authorities will have the power to impose fines for up to EUR 20 million or, in the case of a company, 4% of the worldwide annual turnover.
The guidance recalls the main elements of the new data protection rules:
Posted from Diigo. The rest of Open Web group favorite links are here.
No comments:
Post a Comment