EU draft directive on privacy

Privacy laws – enforcement to get teeth?

We may all agree that data protection and privacy laws are becoming an increasingly important area of law, as brought into very sharp focus by the extent of the News of the World hacking scandal.

The problem with data protection, on an everyday basis, is the sheer scale of the problem. It is one thing having laws in place, another thing entirely to police those laws when doing so consistently would need vast resources.

The Data Protection Act has been around for some time, and from time to time there are indications and posturing suggesting that the Information Commissioner’s Office (ICO) plans to get tough. The difficulty, however, is that most small businesses don’t really take this seriously. Many are still partially if not fully unaware of their obligations, and those that are aware may understandably think there is safety in numbers. Most businesses understand the threats to their business from data theft, but few really understand or implement the requirements to protect the data of customers and others in the way in which the Act requires.

So, we take with a pinch of salt the latest development whereby the European Commission is pushing for the power to fine businesses up to 5% of turnover for breach of privacy laws. This would be actioned under the Data Protection Directive, which will be published in draft in early 2012.

This planned change is clearly largely aimed at larger organisations and is also mooted to contain stipulations, in draft, that would mandate organisations with over 250 employees to have full-time staff dedicated to data protection.

In the current economic conditions, these onerous provisions may prove to be a political hot potato, with companies of all sizes struggling just for survival. Don’t get us wrong, data protection and privacy are very important, but until there is a consistent and sensible approach, we don’t think the issue will be improved for the protection of consumers, which is surely the ultimate aim. As things stand, this looks reminiscent of the confused and complicated approach to health and safety law, with many small companies not even aware of obligations or understanding them in a practical and sensible way.

What do you think?

Hands still in the cookie jar?

The EU Privacy and Electronic Communications Directive came into force earlier this year, but businesses were given 1 year to get their act together before any enforcement would be considered. Many readers will be aware that so-called cookies provide a wealth of data for website owners who know what they are doing and allow very targeted marketing to the visitor.

You may have noticed that when you visit websites, you may mysteriously see adverts for products or similar products you looked at days or weeks ago. This is due to cookies. However, on the other side of this coin is the fact that many think this is a gross invasion of privacy, especially as many people are unaware that data is being collected.

The basis of the new law is that cookies can only be collected if the visitor is specifically made aware that this will happen and given the option of agreeing to this or leaving the site. This in many cases means pop-ups on a website, something which many find frustrating and which reduces the speed and usability which have made the internet such an indispensable daily tool.

The Information Commissioner’s Office (ICO) has released some new guidance for business this week, since it appears that many businesses are still either completely unaware of the new rules, ignoring the rules or struggling to comply. The ICO has indicated that even when the 1 year grace period is over, there will not be a hard approach to compliance, but this could perhaps be taken as a signal by many businesses not to take the law seriously, especially as the resources needed to properly police the law would be immense, given the millions of websites just in the UK.

This is an interesting area and one we will return to in the New Year.

If you are a business taking steps to comply or struggling to comply with the legislation, we would love to hear from you with details of your approach. If you have any views on whether this legislation is likely to be properly enforced or not, again, please contribute to the blog.