recent work

Tough new data protection rules proposed by European Commission

One of the rules proposed could see businesses fined 2% of turnover for serious data breaches, Viviane Reding, Justice Commissioner, has announced. As well as this, “Companies and organisations must notify [authorities] of serious data breaches as soon as possible — and to me, that means within 24 hours,” said Reding.

According to a Commission FAQ document, processing sensitive data without an individual’s consent will be considered a serious violation. Less serious breaches of the rules would see a lesser fine, proposed to be stepped at €250,000, or 0.5% of turnover, whichever is higher, and €500,000 or 1% of turnover, whichever is higher.

One of the main aims of the proposed changes is to see a ‘much simpler data protection administration throughout Europe’, according to Reding. As well as this, Reding has stated that “American companies… have to apply European law, like everybody who is doing business in Europe. Full stop.”