The new EU General Data Protection regulation - what do you need to know
On the 17th December 2015, the European Parliament's Civil Liberties, Justice and Home Affairs [LIBE] Committee voted resoundingly in favour of the new General Data Protection Regulation (GDPR).
Due to come into force in early 2018, the GDPR is the most significant development in data protection law in 20 years.
The GDPR is designed to help empower consumers; businesses, as data guardians, will need to be prepared to act on the changes.
Data breach notification will become mandatory, meaning that serious data breaches will no longer be able to be swept under the carpet.Data portability, for consumers who want to move their data between services, will require businesses to put in place provisions for users to transfer their data between service providers.There will be provisions for European Union member states to set age limits between 13 and 16 years old, below which companies would be banned from handling data without parental consent, anticipated to impact on social media and online services.The GDPR may encourage businesses looking to enter the EU market to come to the UK, as the new rules mean that multinationals will be answerable to only one data protection, based on where they have their 'main establishment'. The ICO as a pragmatic and commercially minded regulator may therefore make the UK a prime choice for data rich businesses.Individuals will have the right to receive compensation if they have suffered material or immaterial damage as a result of companies breaching the GDPR.
For more information please contact Jaclyn Wilkins on +44 (0)20 7203 5122 or at mailto:firstname.lastname@example.org
News & Insights
Compliance newsletter - February 2018
Our seasonal round-up of Compliance related issues.
ENRC granted permission to appeal High Court decision with far reaching ramifications for privilege in internal investigations
We look at the two most impactful changes in the Bribery and Corruption sector in 2017.
Uber data breach highlights notification obligations and GDPR impact
The incident provides a useful reminder of the current laws and imminent changes relating to data breaches.