Five key concerns for firms to consider with revised Data Protection laws

The European Commission (EC) has unveiled the first draft of its revised Data Protection Directive aimed at overhauling Europe's outdated data regulations.

European justice commissioner Viviane Reding said the changes would benefit citizens and businesses by making the data protection regime a more relevant, straight-forward system to adhere to.

"The protection of personal data is a fundamental right for all Europeans, but citizens do not always feel in full control of their personal data," she said.

"My proposals will help build trust in online services because people will be better informed about their rights and in more control of their information. The reform will accomplish this while making life easier and less costly for businesses."

Unsurprisingly, several of the key proposals put forward could have huge financial and operational ramifications for organisations.

As such V3 has highlighted some of the most important aspects of the new document and what they will mean for firms in the future.

1. The directive will be enforced identically across the European Union

One of the major elements of the new law is its change from a Directive to a Regulation.

This means the law will be same in each of the 27 member states across the European Union (EU) in an effort to make it easier for firms to operate across the region under the same legal framework.

"Business are worried as they face many varied, sometimes contradictory, data protection requirements due to different nationals laws [and] different ways national data authorities apply these laws," Reding said.

"A patchwork of laws leads to legal uncertainty, making it hard for companies, start-ups, and SMEs to do business in the single market."

However, while there are clear benefits for firms operating across Europe having one set of laws to adhere to, there are also several new hurdles it could create, chiefly an increase in bureaucracy and the costs to firms in the UK to comply with European-wide legislation.

"The draft regulation will greatly increase the cost of compliance for business, particularly in the UK where we have enjoyed a relatively relaxed but pragmatic, business-friendly regime to date," said Quentin Archer, a partner at law firm Hogan Lovells.

"The bureaucratic notification rules have gone, but they have been replaced by a new principle of accountability which will cost business more in the long term."