More than 90% of Europeans are concerned about mobile apps collecting their data without their consent. Today, an important step was taken to finalise EU data protection rules to help restore that confidence.
Completing the Digital Single Market is one of the top priorities of the European Commission. With a fully functioning Digital Single Market, we can create up to €415 billion in additional growth, hundreds of thousands of new jobs, and a vibrant knowledge-based society. But if citizens do not trust online services, they will not benefit from all the opportunities presented by technology. Confidence is paramount, but it is still far from a reality.
Data protection reform will address this lack of trust. It will strengthen citizen’s rights such as the right to be forgotten, the right to data portability and the right to be informed of personal data breaches. The reform gives national regulators enforcement powers to ensure that these new rules are properly applied. They will be able to impose fines of up to 2% of a company’s annual worldwide turnover.
The data protection reform will strengthen citizens' rights and thereby help restore trust. Nine out of ten Europeans say they are concerned about mobile apps collecting their data without their consent; seven out of ten are concerned about the potential use that companies may make of the information disclosed.
The new rules will put citizens back in control of their data, notably through:
- A right to be forgotten: When you no longer want your data to be processed, and provided that there are no legitimate grounds for retaining it, the data will be deleted.
- Easier access to your own data: Individuals will have more information on how their data is processed and this information should be available in a clear and understandable way.
- The right to know when your data has been hacked: For example, companies and organisations must notify the national supervisory authority of serious data breaches as soon as possible (if feasible within 24 hours) so that users can take appropriate measures.
- Data protection first, not an afterthought: ‘Data protection by design’ and ‘Data protection by default’ will also become essential principles in EU data protection rules – this means that data protection safeguards should be built into products and services from the earliest stage of development, and that privacy-friendly default settings should be the norm – for example on social networks or mobile apps.
With the new rules, individuals will always be able to go to their local data protection authority. The aim is to improve the current system in which individuals living in one Member State have to lodge a complaint with a data protection authority of another Member State, where the company is based. This makes it simpler for citizens – who will only have to deal with the data protection authority in their member state, in their own language.
More about advantages of the reform for businesses and SMEs find here