The European Union has announced tough new data protection laws designed to protect internet users and punish unscrupulous marketers who misuse them.
The new laws are designed to give the power back to the user and gives regulators the powers to fine businesses and companies who do the wrong thing. They will come into power across all EU countries by the start of 2018.
Key details to the reforms include:
- It will unify the laws across the EU and mean companies will be beholden to one law across all participating nations. This will amount to €2.3 billion a year in savings.
- The new laws will have to be adhered to by any company wanting to do business in the EU, not just ones that are headquartered in Europe.
- Companies will have to declare in serious data breaches.
- All users will be privy to the “right to be forgotten” law which means that companies must delete any data they hold on customers if and when asked. Marketers will also not be able to hold and use data without the user’s consent.
- Companies can be fined as much as four per cent of annual turnover for not complying to the new laws.
- The digital “age of consent” has been raised to 16. This means that any user 15 or under needs to gain the consent of their parent or guardian to sign up for apps and websites.
- The big players will now need to employ a data protection officer or any company that specialises in data collection. Smaller and medium enterprises will be exempt.