Dive Brief:
- Companies have two years to comply with new European data privacy laws, the European Parliament ruled on Thursday afternoon.
- Once the new General Data Protection Regulation law takes effect in 2018, however, companies that mismanage citizens' personal data may have to pay fines equaling up to 4% of their worldwide revenue.
- Currently, fines for EU data protection violations are very small and unlikely to faze large tech companies like Google or Facebook.
Dive Insight:
After nearly four years of debate, European Union officials are moving forward on the EU-wide digital privacy law. Known as the General Data Protection Regulation, the law creates a strict new legal framework for how companies can use individuals’ personal information and gives EU countries just one set of rules to follow, replacing a patchwork of 28 different sets of national privacy laws. GDPR replaces the outdated 1995 Data Protection Directive.
The GDPR substantially increases fines for companies that violate the rules, but it makes compliance easier for companies that do business across EU borders. It will also make some things more difficult for companies: for example, it will no longer permit pre-checked consent boxes or systems that require people to "opt out" of data collection.
The statute also makes some things easier for consumers. For example, people will now be able to move their own data between email providers. And the "right to be forgotten" ruling is now permanent law: in 2014, the EU Court of Justice ruled that people can ask search engines to remove irrelevant information that appears in results for their name on the Internet.
Some companies have already been preparing for the new EU privacy rules. In February, Google announced it would clean search results across all its websites in European countries when accessed from a European country.
Those most affected by the GDPR will likely be organizations that are currently outside the scope of EU data protection laws, namely data processors and those data controllers that are not established in Europe. Both groups will find themselves liable for breaches involving any EU data in their control.