This story is from June 30, 2018
‘GDPR authorities are not fine machines’
Berlin: With the General Data Protection Regulation (GDPR) coming into effect in the
I have received mainly positive feedback about the GDPR. It’s clear that May 25 (the day GDPR came into effect) was the start of a new era for many companies in managing the personal data they are entrusted with. GDPR allows for stronger data security, better data management and better customer relationships.
A major concern among small & medium businesses is that if they fail to comply with the GDPR rules, they would be subjected to hefty fines…
Supervisory authorities are not “fine machines”. There are a range of actions they can take before imposing a fine, such as warnings, reprimands, ordering compliance, and communicating the personal data breach directly to the person concerned.
Is hefty fine the solution to make sure tech companies adhere to rules?
We have had the rules for 20 years with very fragmented and weak sanctions. The reactions of some companies are the clear testimony that these old rules were ignored at times. We want our rules to have teeth and be respected by companies.
I believe they need to restore the trust of their users and of lawmakers. They can do this by respecting the data protection rules and explaining to us and the public how they do that.
Should emerging markets bring in a legislation like Germany’s
India has the potential to become one of the global leaders in data protection. I was happy to see the Supreme Court in India ruled that privacy is a fundamental right. This is common to our view in Europe, as laid down in our
India, which is drafting a privacy law, has seen massive changes in its digital landscape. What should India keep in mind while finalising the privacy law?
Indian authorities should focus on developing strong rights for Indian citizens over their personal data, such as the right to be forgotten or the right to access personal data. We made it clear to European citizens that they have control over their own data and they must be able to exercise their rights freely. This means giving their clear consent to a company to process their personal data. In the GDPR, we have strengthened the conditions for consent, and companies can no longer use long illegible terms and conditions full of legalese.
There is a need for an independent authority to enforce these rules. I also think that these rules need to set up sanctions to give teeth to the law and take action against these companies that do no play by the rules. Of course, similarities with the GDPR would make it easier for Indian business to access the EU market, but each country has to adapt these laws to their specific context. We are looking for countries that offer similar level of protection than the GDPR, not identical.
Ready to Master Stock Valuation? ET’s Workshop is just around the corner!
EU
,European Justice and Consumer Rights Commissioner
Věra Jourová has allayed fears of heavy penalties for small and medium businesses, saying “supervisory authorities are not fine machines”. The Czech lawmaker had branded Facebook as the “highway for hatred” late last year and had to delete her account following extensive trolling. At a time when India is drafting its privacy law, Jourová advised authorities to develop strong rights for citizens over their personal data. Excerpts from an email interview:I have received mainly positive feedback about the GDPR. It’s clear that May 25 (the day GDPR came into effect) was the start of a new era for many companies in managing the personal data they are entrusted with. GDPR allows for stronger data security, better data management and better customer relationships.
A major concern among small & medium businesses is that if they fail to comply with the GDPR rules, they would be subjected to hefty fines…
Supervisory authorities are not “fine machines”. There are a range of actions they can take before imposing a fine, such as warnings, reprimands, ordering compliance, and communicating the personal data breach directly to the person concerned.
Is hefty fine the solution to make sure tech companies adhere to rules?
We have had the rules for 20 years with very fragmented and weak sanctions. The reactions of some companies are the clear testimony that these old rules were ignored at times. We want our rules to have teeth and be respected by companies.
I believe they need to restore the trust of their users and of lawmakers. They can do this by respecting the data protection rules and explaining to us and the public how they do that.
Should emerging markets bring in a legislation like Germany’s
NetzDG law
, which tackles online hate speech & imposes high penalties on social media platforms in their country?India has the potential to become one of the global leaders in data protection. I was happy to see the Supreme Court in India ruled that privacy is a fundamental right. This is common to our view in Europe, as laid down in our
Charter of Fundamental Rights
. We are engaged in dialogue with many countries around the world, including India. We must address challenges that are increasingly global.India, which is drafting a privacy law, has seen massive changes in its digital landscape. What should India keep in mind while finalising the privacy law?
Indian authorities should focus on developing strong rights for Indian citizens over their personal data, such as the right to be forgotten or the right to access personal data. We made it clear to European citizens that they have control over their own data and they must be able to exercise their rights freely. This means giving their clear consent to a company to process their personal data. In the GDPR, we have strengthened the conditions for consent, and companies can no longer use long illegible terms and conditions full of legalese.
There is a need for an independent authority to enforce these rules. I also think that these rules need to set up sanctions to give teeth to the law and take action against these companies that do no play by the rules. Of course, similarities with the GDPR would make it easier for Indian business to access the EU market, but each country has to adapt these laws to their specific context. We are looking for countries that offer similar level of protection than the GDPR, not identical.
Ready to Master Stock Valuation? ET’s Workshop is just around the corner!
Popular from Business
- Taxpayers take note! Income Tax department recovers Rs 37,000 crore from individuals not filing returns despite taxable income
- India’s richest men, Mukesh Ambani & Gautam Adani, drop out of elite $100 billion net worth club: Report
- Rs 12 lakh crore loans written off in 10 years, half of it by PSU banks in last 5 years
- Sukanya Samriddhi Yojana: How to get over Rs 70 lakh corpus from SSY account - check calculator, tax benefits & more details - top facts
- Switzerland suspends most favoured nation status to India, cites Nestle verdict
end of article
Trending Stories
- India’s richest men, Mukesh Ambani & Gautam Adani, drop out of elite $100 billion net worth club: Report
- Tamil Nadu NEET PG 2024 counselling schedule revised for round 2, fresh dates issued: Check official notice here
- Stock market today: BSE Sensex opens over 150 points down; Nifty50 below 24,750
- Rs 12 lakh crore loans written off in 10 years, half of it by PSU banks in last 5 years
- H-1B visas: Approvals for Indian IT firms half since 2015! Elon Musk’s Tesla shows significant increase
- India to be global submarine building hub? Germany’s Thyssenkrupp eyes P75I contract, offers to make submarines here
- Aadhaar Card update for free: Deadline for free update ends on December 14, 2024 - how to update Aadhaar online
Visual Stories
- NEET UG 2024 result awaited: Top 10 NIRF-ranked medical colleges of India
- 7 New Expected Bullet Train Routes in India
- 10 Upcoming High-Speed Expressways That Will Change Highway Travel In India
- 8 Transformational Indian Railways Projects You Shouldn’t Miss
- Why Sensex, Nifty50 Hit New Highs, M-Cap At $5 Trillion: Top Reasons
TOP TRENDS
UP NEXT
Start a Conversation
Post comment