Internet users to get new rights under EU data protection proposals
- 26 January, 2012 02:15
- Comments
Internet users in the European Union will benefit from greater control over their personal data if new proposals to reform the Data Protection Directive are implemented.
The European Commission on Wednesday presented sweeping changes to the old regulation, which dates from the pre-Internet Age.
The right to be forgotten is a significant step forward for online consumers in controlling who has access to their personal information. According to a Eurobarometer survey last year, only 26 percent of social network users and 18 percent of online shoppers feel in complete control of their data.
Under the new proposals, if a consumer asks for their information to be deleted and there is no legitimate grounds for retaining it, companies must comply or face a hefty fine. The new law would also simplify this procedure for consumers as their own national data protection authority would become their "one-stop-shop" for any complaints regardless of where the company is based.
Consumers must also be notified as soon as possible if there is any security breach that puts their information at risk. In practice this should be within 24 hours, said Commissioner Viviane Reding.
The rules would also enshrine a user's right to data portability. For example social networks and photo sharing websites allow people to store hundreds of photos, but if a user wishes to move these photos to a new service provider, the original company must comply where technically possible. "Users should not be bound to one provider simply because it is inconvenient for them to move their data," said the Commission.
Facebook said: "We welcome Vice President Reding's view that good regulation should encourage job creation and economic growth rather than hindering it, and look forward to seeing how the E.U. Data Protection Directive develops in order to deliver these two goals while safeguarding the rights of internet users."
The legislative proposals also take into account the special case of minors saying: "Children deserve specific protection of their personal data, as they may be less aware of risks, consequences, safeguards and their rights."
Before processing personal data, companies must obtain explicit and free consent. "In order to ensure free consent, it should be clarified that consent does not provide a valid legal ground where the individual has no genuine and free choice and is subsequently not able to refuse or withdraw consent without detriment," says the proposal. In practice this would mean that for example, an employer could not demand information from employees under the threat of losing their job.
Christian Toon, head of information security for Iron Mountain Europe, believes that the proposed regulation is good news for customers and should galvanize businesses to undertake a more critical review of their existing information management and security policies. "Many businesses of all sizes are falling short of what is required to manage information responsibly. In today's increasingly scrutinized business environment, the lack of a solid and legally compliant information management policy is inexcusable. Regardless of turnover, sector or country of operation, making sure that employee and customer information is protected should be common practice, not a reaction to new legislation," said Toon.
European consumer advocacy group BEUC welcomed the proposed legislation.
Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to jennifer_baker@idg.com.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
-
Swedish e-commerce startup's execs linked to NYC sex crime
-
Face Time - Interview with John Brennan and Robert DiStefano
-
How to implement next-generation storage infrastructure for Big Data
-
Pfizer's Future Depends on IT Transformation
-
Pfizer's Future Depends on IT Transformation
-
Oracle Business Process Analysis Suite
Careful analysis and continuous optimization of business processes delivers real competitive advantage. Conversely, a random approach to process design negatively impacts a company’s bottom line. This insight is one reason successful companies adopt business process management (BPM) as a way of aligning their business processes with business and customer requirements. Success with BPM eliminates the gap between business strategy and implementation. Business users are empowered to participate in all stages of the business process lifecycle. Closed-loop integration between modeling, execution, and monitoring enables continuous and holistic business process improvement. -
Business Process Management, Service-Oriented Architecture, and Web 2.0: Business Transformation or Train Wreck?
As a result of more and more organisations adopting new technologies and business practices surrounding BPM, SOA, and Web 2.0, fundamental changes have arisen in the way IT and business stakeholders work together. Make this into an opportunity - read on. -
Enhancing Decision-Making, Cost-Efficiency, and Profitability With Predictive Analytics
Today’s managers must always look at the past, present, and future. They need reports on past performance to improve operational efficiency. Business intelligence (BI) platforms such as Information Builders WebFOCUS, are providing a unified decision-support environment where managers can retrieve and analyze data about past, present, and future activities. In this paper, we will discuss the incorporation of predictive modeling capabilities into the WebFOCUS BI platform, and highlight how this advanced functionality can dramatically improve decision-making, thus reducing risk and costs while increasing revenue and profits.
Get exclusive access to Invitation only events CIO, reports & analysis. 
Comments
Post new comment