Strict new rules forcing companies to pay four per cent of their global turnover in fines if they breach the European Union's data protection regulations have today been formally agreed.
The legislation will create a uniform set of rules across the EU "fit for the digital era," said the EU in a press release.
It said they should also improve legal certainty and boost trust in the digital single market for citizens and businesses.
"The new rules will give users back the right to decide on their own private data”, said Parliament's lead MEP on the regulation, Jan Philipp Albrecht.
"At the same time, the new rules will give businesses legal certainty and chances for competition. It will create one single common data protection standard across Europe. This implies less bureaucracy and creates a level playing field for all business on the European market", he added.
The new rules will also include: clearer rules on processing of private data; the “right to be forgotten” – for consumers to be erased from company databases – an end to 'small print' privacy policies; a requirement from companies to appoint a data protection officer if they are handling significant amounts of sensitive data; and the creation of national Data Protection Authorities (DPAs) where citizens can complain about data breaches.
The agreement was reached by the EU parliament and EU Council on Tuesday evening was backed by 48 votes to four, with four abstentions.
The new rules will replace the EU's current data protection laws which date from 1995. ®