Monday, January 28 10:47:43
Ireland is set to play an important role in advancing the new Data Protection Regulation throughout the EU Presidency.
The regulation, which is particularly relevant to foreign multinationals operating in and through Ireland, will come to a crucial point during the Presidency and the Irish Government is preparing to play a significant part in its progression.
The proposed new Data Protection Regulation aims to strengthen and harmonise existing data protection law across the EU in order to ensure more transparency on information being collected, as well as an individual's right to protection of personal data.
EU policymakers are seeking to reach agreement on new laws later this year and companies will have to begin complying with the new set of rules as early as 2015.
The current regulation is interpreted differently across Europe, is outdated and no longer fit for purpose. There is a strong need for consistent data regulation across all 27 European member states and this will in turn reduce costs dramatically and make doing business within Europe much more attractive.
To coincide with Global Data Protection Day today, law firm Matheson hosted a seminar in Dublin today with Billy Hawkes, Irish Data Protection Commissioner. The seminar examined the key changes and issues businesses operating in and through Ireland should be aware of.
Such as, if companies are found to be in breach of the new laws they will face substantial fines. Maximum penalties for intentional or negligent breaches can reach up to E1,000,000 or 2pc of the annual worldwide turnover of the company.
Individuals will have the "right to be forgotten and to erasure". This is the strengthened right to have personal data deleted and an obligation on those who collect the data to state clearly for how long they intend to retain it.
The Regulation extends the scope of the European data protection regime to data controllers outside the EU. The change in law will mean that many US online businesses who target EU residents will need to also comply with the new EU Data Protection Legislation.
The Regulation proposes to make it more difficult for organisations to rely on individuals' consent. The definition of consent now requires it to be explicit and online companies must be able to prove that it has been obtained. They will however still be permitted to give consent by a "clear affirmative action", such as clicking on a "tick-box" online.
Speaking at the Global Data Protection Day Seminar today, Billy Hawkes, Irish Data Protection Commissioner said new laws are needed to protect people's privacy.
"The aim of Global Data Protection Day, which was launched by the Council of Europe in 2006, is to give European citizens the opportunity to understand what their rights are with respect to the processing of their personal data as well as highlighting for data controllers and processors the risks inherent in any unfair processing of personal data. During the Irish EU Presidency this year and the on-going discussions between Member States on the text of the New Draft Data Protection Regulation it is also important to highlight the need to further strengthen and harmonise data protection law across the EU."
(By Joe O'Connor)