The European Parliament has approved the reform of the Data Protection Regulation. This changes seeks an adaptation to the digital age by giving more power to European states through tougher measures.
Main changes:
· To ensure the right to be forgotten and to speed up data portability to another service provider
· Strengthening consent from users to the processing of their data and the need for a “clear and affirmative consent”
· The regulation uses a clear and understandable language about privacy clauses to avoid playing with interpretations
· Tougher penalties with fines up to 4% percent of companies´global turnover
· Now large companies have to appoint a data protection officer if they process sensitive data to scale, and have to report if they suffer some leakage of personal data during the next 72 hours.
· A single supervisory authority for complaints relating to data protection to streamline the compliance process
· The right to be informed if personal data have been pirated
This new regulation will enter into force 20 days after being published in the Official Journal of the European Union. Member countries are obliged to transfer the changes to national legislation within two years.