I comment frequently on data protection issues; and the one we have been waiting for is the EU’s data protection reform package. This has been a massively lobbied and consulted over process, stretching over four years, but on 15 December the European Parliament and the Council finally agreed this. This will – in 2018 – replace the 1995 regulations which in the UK led to the Data Protection Act 1998, and were needed because of the extent to which the world has changed since then. Windows 98, anyone?
We’ll no doubt discuss the details in due course but the burden on businesses will be greater, with statutory obligations to have data protection officers whose prime responsibility is to the Information Commissioner’s Office; and a potential sanction of up to 4% of global turnover for breaches of the regulations giving huge, sharp teeth to the whole thing.
This, combined with the recent finding of invalidity of Safe Harbor arrangement between the UK and US, will throw into yet sharper relief the gulf between the data protection approaches o the two cultures. Already our US client are struggling to grapple with the implications of clients based in EU with support and hosting services in the US and Asia.
Written by Paul Berwin of Berwins Solicitors.