EU privacy boogeyman unleashed by the very people with boogeyman-slaying weapons

Plus won't someone think of the charidees?


Another day, another report scaremongering about Europe’s big reforms for laws that protect people's personal information.

According to a fresh piece of research from Kroll Ontrack and Blancco – experts in data recovery and erasure respectively – 81 per cent of European IT managers surveyed are unfamiliar with the proposed new rules on keeping citizens' data private. Yet 57 per cent thought their company would be directly affected by the new legislation.

In a similar vein, last month a survey undertaken by security provider Skyhigh Networks in California claimed that only 1 per cent of cloud providers would comply with all aspects of the new EU General Data Protection Regulation based on their current practices.

It’s worth noting that both these surveys were put forward by companies selling expertise in the area – perhaps trying to get ahead of the competition as the law is still only in draft form and has yet to be approved by EU member states in the Council.

Other reports seem keen to head the legislation off altogether by warning ministers of the “dire consequences” should the law go through in its current form. Marketing agency Medialab says the proposed new data protection rules would be “the biggest challenge in fundraising for a generation”.

They are concerned that asking people to tick a box to opt in to mailing lists, rather than assuming they are happy to opt in unless they specifically opt out, would dramatically reduce the number of possible contacts for fundraisers. “Think of the charities,” seems to be the message to ministers.

As it stands, the new regulation will apply to non-EU companies as well as European ones if they process EU citizens’ personal data obtained from selling or marketing goods and services to EU citizens. Proposed penalties for non-compliance are a fine of 5 per cent of a company’s annual revenue or up to €100m ($126m).

Jan Philipp Albrecht, the German MEP in charge of steering the draft law through the European parliament, said he found it hard to believe cloud computing companies in particular were unprepared.

"From a legal standpoint, if they are already complying with data protection laws in the 28 member states then they will be compliant with the new regulation. We are harmonising the law, not fundamentally changing it," he said. ®

Broader topics


Other stories you might like

Biting the hand that feeds IT © 1998–2022