We use cookies to improve our site and your experience.

By continuing to browse on this website you accept the use of cookies.

Privacy Notice

Tough new data protection law to bepassed by EU

Tough new data protection law to bepassed by EU

 

After nearly four years of negotiation, the EU is near to approving the text of a new regulation which will replace data protection laws across Europe and with a single data protection regulation.
The final text of the regulation has now been agreed as part of the “trialog procedure” which is a negotiation between the Council of Minsters, the Civil Liberties and Justice Committee of the European Parliament and the European Commission.  The final text must be approved by the European Parliament in a plenary session early next year before it becomes law although that vote is considered to be a formality.
We will provide a full analysis for what the new regulation means for employers operating in the EU over the coming weeks.   The regulation will affect different businesses in different ways but the three most significant aspects are expected to be:
Pan European.  A single regulation will apply across the EU with each business being regulated in its home state.
Real Sanctions. Depending on the provision of the Regulation that is violated, companies may be sanctioned with fines up to € 20 million or 4% of annual worldwide turnover.
Data Privacy Incident Reporting.   Data controllers (including employers) may be required to report loss of or unauthorised access to personal data.
There will be a 2 year implementation period before the new regulation becomes law and replaces the existing Data Protection Act 1998.

After nearly four years of negotiation, the EU is near to approving the text of a new regulation which will replace data protection laws across Europe and with a single data protection regulation.

The final text of the regulation has now been agreed as part of the “trialog procedure” which is a negotiation between the Council of Minsters, the Civil Liberties and Justice Committee of the European Parliament and the European Commission. The final text must be approved by the European Parliament in a plenary session early next year before it becomes law although that vote is considered to be a formality.

We will provide a full analysis for what the new regulation means for employers operating in the EU over the coming weeks. The regulation will affect different businesses in different ways but the three most significant aspects are expected to be:

  • Pan European. A single regulation will apply across the EU with each business being regulated in its home state.
  • Real Sanctions. Depending on the provision of the Regulation that is violated, companies may be sanctioned with fines up to € 20 million or 4% of annual worldwide turnover.
  • Data Privacy Incident Reporting. Data controllers (including employers) may be required to report loss of or unauthorised access to personal data.

There will be a 2 year implementation period before the new regulation becomes law and replaces the existing Data Protection Act 1998.