New laws on data privacy due to take effect this week
THE BIGGEST overhaul of data privacy regulation in the history of the internet will come into force on Friday as businesses scramble to comply with the new rules.
From the end of this week, the new General Data Protection Regulation (GDPR) will give people in the EU new powers to access and control their personal data.
The new rules also give regulators greater power to levy fines on firms who mishandle data or fail to be transparent in how they collect and use personal information.
In the build-up to the roll-out, the Information Commissioner’s Office (ICO) has moved to calm confusion among some businesses over the need to get fresh consent from customers in order to comply with the regulations.
As part of GDPR, company requests for consent on gathering data must be “clear and distinguishable” in easy-to-follow language, and provide a simple way to withdraw consent.
This has lead to dozens of firms sending out emails asking customers to confirm they have their consent to continue to contact them.
But while the ICO said GDPR does “set the bar high” for consent, the regulator has warned that in some cases, sending further emails could risk non-compliance through difficult-to-follow messages, breaching new openness and transparency rules.
The new laws also strengthen the jurisdiction of EU regulators.