The privacy of internet users is, if the Europe is better protected. This gives users the ‘right to be forgotten’ and the collection of private lwa data restricted. The rules have yet to be approved.
The regulation provides for a ‘right to be forgotten’. If a citizen so requests, a data processor, for example, a social network, data from him or her removal, unless the data is really needed. Companies may also not just collect data, but only if they really need it. Now it is only prohibited to collect data if that ‘excessive’ is.
The regulation is Wednesday presented. Because it is a regulation, not in legislation to be converted before being entered. However, it must first of all the EU member states and the european parliament agree. It is, therefore, still the question of whether the rules in their current form to be entered.
If the regulation is introduced, businesses should consumers be clearly informed when they save information, and the user must provide explicit permission. Data should not just be made public. The default settings of social networks should avoid, for instance, that data is visible to everyone, until these settings are changed.
In the design of systems should be the privacy has become taken and that companies with more than 250 employees will get the obligation for a data protection officer to be appointed. All companies have data breaches within 24 hours report to the local privacy watch dog, in the Netherlands the Dutch data protection authority. Data are according to the plans the property of the citizen, and not of the data processor.
In addition, should a user whose data has been leaked within that period, to be informed. The reporting obligation applies only if it is reasonably possible to comply with. The Dutch government presented at the end of last year a private bill for a duty of disclosure. Thereby, users need only be notified when unencrypted data is leaked.
Requirements companies will not meet the stricter privacy rules, then they can be hefty fines to meet. Privacywaakhonden get more possibilities to act against resolving privacy infractions once. However, the new rules are also benefits for businesses, thinks the European Commission. The privacy policies of the 27 EU member states will be streamlined, allowing companies in different EU-countries are better know where they are. So do they still but on one privacytoezichthouder to justify it, probably in the country where they are registered.
Finally, users have the right to dataportabiliteit. Users may transfer their data from one social network to export them to another social network to be able to import. That right applies only if data in a standardized format are stored. A scheme that restrictions on the querying of data by foreign powers and that in earlier leaked drafts of the regulation have occurred, is deleted.
The new rules apply, if they are adopted, not for the government. There is a separate directive is proposed to update the existing directive for public authorities, including, for example, also opsporingsorganisaties fall. D66 calls it a lack that public sector organisations not covered by the strict privacy regulations, but is generally happy with the new privacy rules.
Also, Bits of Freedom, is ‘broadly’ happy with the new rules. “It is a very good step,” said Ot van Daalen of the burgerrechtenorganisatie. However, placing the organisation a number of comments and the organization was afraid that the rules in consultation with the EU member states have to be relaxed.