Data protection in the European Union is a fundamental right. Europe already has the highest level of data protection in the world. However, nine out of ten Europeans (92%) say they are concerned about mobile apps collecting their data without their consent. Seven Europeans out of ten are concerned about the potential use that companies may make of the information disclosed.
The new
rules will put citizens back in control of their data, notably through:
• A right to be
forgotten: decide when your data is really deleted.
• Easier access to your
own data:
A right to data portability will make it easier for you to transfer your
personal data between service providers.
• Allowing you to decide
how your data is used: When your consent is required to process your data, you must be
asked to give it explicitly.
• The right to know when
your data has been hacked: for example, companies and organisations must
notify the national supervisory authority of serious data breaches as soon as
possible (if feasible within 24 hours) so that users can take appropriate measures.
• Data protection first,
not an afterthought: ‘Privacy by design’ and ‘privacy by default’ will also become
essential principles in EU data protection rules.
The
European Commission's data protection reform will help the digital single
market and businesses realise this potential, notably through four main innovations:
• One continent, one law: The Regulation will
establish a single, pan-European law for data protection, replacing the current
inconsistent patchwork of national laws.
• One-stop-shop: The Regulation will
establish a 'one-stop-shop' for businesses: companies will only have to deal
with one single supervisory authority, not 28.
• The same rules for all
companies – regardless of their establishment: Today European companies have to adhere
to stricter standards than companies established outside the EU but also doing
business on our Single Market.
• European regulators
will be equipped with strong enforcement powers: data protection
authorities will be able to fine companies who do not comply with EU rules with
up to 2% of their global annual turnover.
"A
message to our American friends. Data Protection rules should apply irrespective
of the nationality of the person concerned. Applying different standards to
nationals and non-nationals makes no sense in view of the open nature of the
internet." - Vice-President Viviane Reding, EU Justice Commissioner.
More in the press pack.