The European Union on Tuesday agreed as expected to adopt a suite of new digital privacy rules that are poised to put a dent in U.S.-based companies that make collecting vast amounts of customer data a big part of their business.
Internet companies like Google and Facebook will risk being sanctioned as much as 4 percent of their global revenue in the event that they run afoul of the privacy-minded provisions accepted by the EU’s 28 member-states during Tuesday’s meeting.
Under the new data protection laws, once in effect, companies can be penalized for misusing user data, ignoring valid “right to be forgotten” requests from customers and failing to disclose data breaches to national regulators within three days’ time. Children under the age of 16 will also need parental consent to use social networking services, and law enforcement agencies will be required to protect the data of individuals collected during criminal investigations or else risk repercussions.
Because the law applies to companies who have customers in the EU regardless of where their operations are based, services they operate by marketing their users’ data will have to make sweeping adjustments to their international policies or risk paying potentially billions in fines. Google’s parent company, Alphabet, could risk fines as high as $2.4 billion under the new rules, USA Today reported, and Apple could face penalties amounting to nearly four-times that cost.
EU countries have independently adopted similar privacy laws of their own as Internet prevalence increased across Europe, but encoding the data protection laws bloc-wide — a maneuver expected to be formalized in 2017 — will enshrine some of the most consumer-minded Internet laws in the world for millions of Europeans.
“With solid common standards for data protection, people can be sure they are in control of their personal information,” Andrus Ansip, the EU’s digital chief, said in a statement.
“These new pan-European rules are good for citizens and good for businesses,” added Věra Jourová, the EU’s commissioner for Justice, Consumers and Gender Equality. “Citizens and businesses will profit from clear rules that are fit for the digital age, that give strong protection and at the same time create opportunities and encourage innovation.”
The European Parliament and EU member states will have to adopt the data protections laws before they’re put on the books, but full implementation is expected to happen within the next two years.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.