The Solicitor - The FindLaw UK Life, Family and Workplace Law Blog

EU law: Data protection proposals could mean big fines for non-compliance

New laws on data protection proposed by the European Commission will include large fines to ensure that businesses comply with their terms.

The Commission announced their plans this week for legal reform, and firms who breach the proposed legislation will face fines of up to 2% of their annual turnover.

The changes are to be made to the 1995 data protection rules which are now felt to be out of date. They include provisions for easier access to data, and greater freedom to move your own personal data from one firm to another.

The changes will also allow users the right to demand that their data be deleted unless the firm has legitimate grounds for keeping it.

Organisations who suffer breaches of data security will be required to notify authorities as early as possible, and where consent is needed companies will need to obtain it explicitly, rather than just assuming it.

Large businesses, classified as those with more than 250 employees, will have to appoint a data protection officer.

Speaking about the purpose of the new laws, Viviane Reding, the Justice Commissioner said: "My proposals will help build trust in online services because people will be better informed about their rights and more in control of their information."

The Commission believes that the new laws would simplify legislation, and when fully implemented could save businesses a total of €2.3bn (£1.9bn) every year.

Penalties under the new legislation are particularly harsh. Businesses who charge users for their own data could be charged 0.5% of annual turnover, which could be doubled if they refuse to hand over data, or fail to correct mistakes in their information. More serious violations would be met with a 2% of turnover fine.

Critics have claimed that any benefits gained from a change in the law would be lost to businesses by the creation of new burdens.

"The one bit of a good news is that they result in harmonisation across Europe which is better than the existing situation with 27 different national laws, but the content of some these proposals is very onerous," said Marc Dautlich who heads the information team at legal firm Pinsent Masons.

Related links:

Read more on the story (BBC)

Data protection offences and enforcement (FindLaw)

Find local specialist solicitors throughout the UK (FindLaw)