Modernisation of data protection laws
Shake-up aims to make companies take data protection more seriously
A modernisation of data protection laws – the biggest in 20 years – could mean huge fines for companies that breach the law about how they store, delete and return data to citizens.
The data protection regulation's aim is to strengthen the rights individuals have over their data and make companies take the issue of data protection far more seriously.
The changes in the data protection laws, originally drawn up in 1995 before mass internet adoption, have been four years in the making.
In December 2015, the EU Commission, Parliament and Council of Ministers reached agreement on the General Data Protection Regulation, and now, after months of negotiations, the document has now gone before the European Parliament for a formal vote.
The rules will come into force in the summer. Then, member states will have two years to comply.
The changes mean potentially bigger fines for companies and data breaches must be reported within 72 hours. Businesses will also be required to show how they are complying with the legislation and will have to be far more transparent about how they are using customer data.
To find out more read the BBC report at http://www.bbc.co.uk/news/technology-36037324