EU draft directive on privacy

Privacy laws – enforcement to get teeth?

We may all agree that data protection and privacy laws are becoming an increasingly important area of law, as brought into very sharp focus by the extent of the News of the World hacking scandal.

The problem with data protection, on an everyday basis, is the sheer scale of the problem. It is one thing having laws in place, another thing entirely to police those laws when doing so consistently would need vast resources.

The Data Protection Act has been around for some time, and from time to time there are indications and posturing suggesting that the Information Commissioner's Office (ICO) plans to get tough. The difficulty, however, is that most small businesses don’t really take this seriously. Many are still partially if not fully unaware of their obligations, and those that are aware may understandably think there is safety in numbers. Most businesses understand the threats to their business from data theft, but few really understand or implement the requirements to protect the data of customers and others in the way in which the Act requires.

So, we take with a pinch of salt the latest development whereby the European Commission is pushing for the power to fine businesses up to 5% of turnover for breach of privacy laws. This would be actioned under the Data Protection Directive, which will be published in draft in early 2012.

This planned change is clearly aimed largely at larger organisations and is also mooted to contain stipulations, in draft, that would mandate organisations with over 250 employees to have full-time staff dedicated to data protection.

In the current economic conditions, these onerous provisions may prove to be a political hot potato, with companies of all sizes struggling just for survival. Don’t get us wrong, data protection and privacy are very important, but until there is a consistent and sensible approach, we don’t think the issue will be improved for the protection of consumers, which is surely the ultimate aim. As things stand, this looks reminiscent of the confused and complicated approach to health and safety law, with many small companies not even aware of their obligations or understanding them in a practical and sensible way.

What do you think?