SIGNIFICANT PROPOSED changes in data protection legislation will expand markets and decrease paperwork and costs, rather than create barriers, the European Commission has assured small and medium businesses.
The commission was “thinking small first” and aiming to make data protection regulation more transparent, efficient and helpful to SMEs, a spokesman for the commission said at a briefing yesterday.
The legislation will impose a consistent set of rules across member states, which currently each set their own data protection rules and sanctions.
“I think it will strengthen the internal market,” commissioner Viviane Reding, who is responsible for the proposals, said at the briefing. “The internal market is blocked today because of 27 different sets of legislation.”
She said Europe had “very low figures” for cross-border e-commerce – only 6 per cent of Europeans buy online from another EU country – “because they have no confidence” in internet transactions and the security of their data. If Europeans have greater trust that their data would not be misused, they would buy and use services more, she said.
SMEs themselves refrain from developing businesses cross-border “because of costs and regulation concerns” and the new legislation would eliminate some of those, she said.
The proposed legislation, which was introduced on January 25th but is unlikely to be voted on by the European Parliament before the summer of 2013, contains sweeping changes to existing legislation.
It would impose significant fines for data breaches of up to 2 per cent of annual global revenue, oblige companies to get explicit consent to gather data from users of online services, mandate “data portability” from one service to another, and give Europeans a novel “right to be forgotten” by requiring social media services to permanently delete on request information an individual has uploaded or provided themselves.
But it will also create a single data protection authority in each country enforcing a single set of EU-wide rules. Companies will not have to do paperwork for each country and worry about different protection regimes.
“It’s very difficult for lots of small companies to comply with all the reporting requirements today,” Ms Reding said.
This will save companies €2.3 billion annually, according to impact studies, Ms Reding said.
Multinational companies will also benefit in similar ways, according to the commission.
Jean Gonie, Microsoft’s director for data privacy, said Microsoft welcomed the changes even if it did not agree with every aspect of them. “We have advocated many years for harmonisation.”
