THE EUROPEAN COMMISSION has proposed changes to privacy regulations that could see companies like Google fined up to two per cent of their annual revenues if they don't protect user data.
Under the proposals announced by European Union (EU) Justice Commissioner Viviane Reding on Wednesday, users will have the legal right to tell firms to delete their data if there is no legitimate reason to keep it. Following approval by the European Parliament and all EU member states the rules could come into place at the end of 2013,.
Earlier this week we reported that the EU would reveal an overhaul of its data protection policies. The initiative comes after Sony was slammed by lawmakers last year for taking six days to warn its network users about an attack that exposed over 100 million customer accounts.
As expected, companies will be required to inform regulators and affected customers about data breaches as soon as possible.
Reding explained that the proposals "will help build trust in online services because people will be better informed about their rights and more in control of their information".
Reding said, "Vast amounts of personal data are transferred and exchanged, across continents and around the globe in fractions of seconds. The protection of personal data is a fundamental right for all Europeans, but citizens do not always feel in full control of their personal data."
Social networking web sites such as Facebook will not be happy about consumers' rights to ask for information such as pictures to be removed, as users' data is a big part of their business models. Google, Yahoo and Facebook are among those that that collect users' information to target them with advertising, so having to get approval for individual data retention could affect revenues.
Also, web sites that follow users to suggest their next purchase, such as Amazon, are afraid the rules will stop them from customising adverts for users, again causing them to lose revenue.
Marc Dautlich, partner and head of information law at law firm Pinsent Masons, told The INQUIRER, "From what we've heard today these new EU data protection laws will impose a potentially substantial burden on European businesses. While the focus has been on the news that US-based businesses operating on the web, such as Google, Facebook and Microsoft will fall under the jurisdiction of the law when it comes to European consumers, no matter where their servers are located, the impact on home grown businesses is substantial.
"While the new law aims to protect personal data some of the concepts will be extremely expensive for internet businesses to implement. For example the 'Right to be Forgotten' would mean that users could demand that social media networks such as Facebook erase any of their comments, not just from the network itself but the entire web, which would involve unprecedented co-operation with search engines to achieve." µ