back to article Strict new EU data protection rules formally adopted by MEPs

Strict new rules forcing companies to pay four per cent of their global turnover in fines if they breach the European Union's data protection regulations have today been formally agreed. The legislation will create a uniform set of rules across the EU "fit for the digital era," said the EU in a press release. It said they …

  1. Vimes

    Who will be enforcing this for anything happening in the UK? The ICO?

    Why do I have this sense of impending doom?

    I also can't shake the image of complete lack of action that has become so closely associated with the ICO...

    1. Doctor Syntax Silver badge

      The ECHR should be behind this. The ECHR decision on Safe Harbour came about because Schrems wasn't satisfied with the relevant regulator's response (in that case Ireland). So if the ICO doesn't get their finger out then they also might be taken to court. I suppose the Treasury might be egging them on as well - the thought of 4% of the global turnover of Google or Facebook or MS. Mmmm all that data from W10....

      1. Warm Braw Silver badge

        >The ECHR

        Actually, in this case, the ECJ.

  2. Anonymous Coward
    Happy

    EU fanboi in the making

    With news article after news article about how every company considers user data (not to mention a whole load of governments too, but that's a different story) as fair game, it is wonderful to see some action not influenced by corporate shills.

    Bless you EU, may you force this through to the UK before the pig f***er puts through a EU referendum.

    1. Vimes

      Re: EU fanboi in the making

      Companies seem to think that adding the word 'innovation' to anything they do makes what they do morally and legally acceptable. It doesn't, and terms like 'data innovation' - something they claim that they won't be allowed to do in at least one article - really make my skin crawl.

  3. Naselus

    Does anyone else

    Have a list of about 20,000 PPI claims companies who have acquired your data from somewhere that they'd like to mention to the EU?

    1. kmac499

      Re: Does anyone else

      Sureley that should read

      "Are you on a list of about 20,000 PPI claims companies who have acquired your data from somewhere..... CALL to make a claim; no documentation required just your email address"

  4. Adam 52 Silver badge

    The devil is in the detail. Anyone got a link to the detail, the EU website gives page errors?

    And, like the poster above, I'm sure the ICO will respond with their usual inactivity.

  5. Steve Davies 3 Silver badge

    What now Facebook/Twitter/etc?

    Go on, sharpen your act up or get the hell out of town.

    But will they eh?

    somehow I doubt it.

  6. sysconfig

    What's GCHQ's global turnover?

    Of course the same applies to private outfits which are set up for the sole purpose of harassing (cold calling), hoovering up data etc, often hidden in layers of "holdings" and "groups" and practically nada on their balance sheets, or all the entities which keep losing citizens' data.

    Turnover alone is a very bad metric to determine fines. But hey, it's a good start, because unless something costs serious money, megacorps will not care.

  7. Daggerchild Silver badge

    Law of unintended consequences

    This should be fun. The Google pinata law is Go. Unfortunately Google can actually handle its data, though they'll definitely have to leave a limb behind. Facebook will be apoplectic that they'll have to allow user data export. Good.

    Enforced data export fluidity might be an problem where finding and cleaning the data is the point of the business. Everyone's definitely going to get 'informed consent' fatigue. Cookie banners on steroids that must actively prevent you entering until you agree. Will sites be usable by those who decline? Incognito browsing will bloom barriers every .. single .. time.. and God help you if you're a bot.

    But really, this is just a big glorified beta test, and it's going to get very grating for all parties over the next few years, with other nations taking note/advantage. Nobody will get this right for decades.

  8. Christian Berger

    Can't be a significant improvement...

    ...otherwise Google and Facebook would be up in arms against it.

  9. Anonymous Coward
    Anonymous Coward

    Right to be forgotton

    Does this apply to Government Agencies? It would be great to ask HMRC to forget me each year.

    1. Nick Ryan Silver badge

      Re: Right to be forgotton

      Government agencies are specifically excluded from some, or all, of the DPA. Nice try though.

      1. Richard 12 Silver badge

        Re: Right to be forgotton

        Ah, but what about the private companies who have acquired this info?

        Does this now mean all those "private parking scare-letter" companies can be torn asunder and their corpses hung from pikes?

    2. jonathanb Silver badge

      Re: Right to be forgotton

      If they published a press release saying you had been prosecuted for tax evasion, then yes you could ask them to take it down after a suitable period of time had passed. If they leaked your tax return data, you could complain in the same way that you could complain about anyone else leaking your data.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021