Data protection has been a very hot topic since the NSA spying scandal following Edward Snowden’s disclosures. In the spring of 2014, European Parliament adopted a regulation on personal data protection. 2015 promises to be a key year because the EU member states have to reach an agreement now.
The new regulation includes key measures for protecting the data of EU citizens: personal data breach notification requirement, impact evaluation analysis for the riskiest processing of data, clarifying of consent to collect and process personal data, creation of new rights concerning data portability and the deleting of personal information, as well as fines up to 5% of global annual turnover for companies who violate the rules.
This sends a highly strong signal that there is a will to be effective in compelling companies and public administration to take on their responsibilities. The French Government’s view about data protection is that it can be a real economic asset for EU. It will increase the quality standards for European digital solutions and thus reinforce their attractiveness to the users.
However the negotiations between the European member states will not be easy. Some of the countries’ approaches about data protection are strongly different. There is a need for balance between the individuals’ right to data protection and the need of digital companies to process data.
What we do know is that the new legislation will strongly impact the technical constraints for the IT sector. Good development practises will have to evolve quickly with new quality processes including web security. In the information technology age, web security has become a new battle for freedom and democracy.