The EU regulation of Data Protection enters into force
At this point, for no one is a surprise the fact that today comes into force the new regulation of data protection issued by the European institutions, with direct application. That is, it does not need any law to be respected by all member states.
The objective: Data Protection of users
The main objective pursued by the new European standard is the protection of Internet users in relation to one of their fundamental rights recognized by all the constitutions of the member states and also by the Charter of Fundamental Rights of the European Union – in its article 8- and the Treaty on the Functioning of the European Union. Until now, the protection of fundamental rights and freedoms of natural persons in relation to the activities of processing personal data was included in Directive 95/46 / EC, of the European Parliament and of the Council. However, the new European regulation comes to repeal this directive, of 1995, and to update the content, adapting to the new era of new technologies and internet.
The New Technological Times
As established by the same standard, rapid technological evolution and globalization have posed new challenges for the protection of personal data. The magnitude of the collection and exchange of personal data has increased considerably thanks to the technological advances and the multiple opportunities that this new era of Internet offers us, among them, greater ease and speed. However, these advances require a stronger and more coherent framework for the protection of a fundamental legal right such as Data Protection within the European community. Legal and practical security must be strengthened for natural persons, economic operators and public authorities.
Consent: a clear affirmative act
One of the hot topics of the regulation is the granting, by the consumer, of his express consent to obtain and collect his data. In other words, in order to request, process and use the data of an Internet user, it will be necessary beforehand that the user has given a clear and express consent that he or she authorizes the processing of their own data. And this rule works for everyone regardless of whether consent was previously given or not.
The biggest example is a subscription to a newsletter. In case we are subscribed to a newsletter, we will have to authorize, again, the consent. Therefore, during the last days and weeks, we have noticed that we are receiving a lot of emails, requesting “renew” the consent, because in any other way, these companies cannot send commercial information to the Internet.
Right to forgetfulness
The regulation also makes express reference to the so-called “right to oblivion“. This right requires Google to take into account the requests of consumers who want to remove certain links from the web that directly concern them.
Consequences of non-compliance
The regulation also establishes fines and penalties in case companies do not treat the data of Internet users in a legal manner. These administrative sanctions range from 10 to 20 million euros, or in the case of a company, from 2 to 4% of the business.
For more information on the topic, please get in touch with Navas & Cusi.