The EU has long been in the process of introducing a new data protection framework by way of a regulation rather than a directive. This would change the existing flexible and often uncertain framework into something more constant. Currently EU data protection standards are set primarily by Directive 95/46/EC. While this sets standards for data protection, it still falls on the Member States to legislate accordingly. This often leads to variations in the laws of Member States which makes enforcement problematic. The Regulation, once in place will create a uniform framework which will solve this problem. The new Regulation is slated to come into force in 2016.
This new approach has come under scrutiny by several American tech companies, particularly social networks and search providers which would be affected. This new Regulation will standardise penalties for wrongdoing in the entire EU and will also make portability of data easier. The latter change will mean, for example, that it will be easier to move or import data from one social network to another.
Companies have raised several concerns, particularly at the fact that fines will now be proportional to up to 4% of worldwide revenue. While this would be a significant deterrent, companies have been critical of the measure and have stated that this could mean the end of free online services. It is still also largely uncertain how the US will develop its own legislation in this regard.
For further information about data protection law, kindly contact GVZH Advocates at firstname.lastname@example.org