The European Union (EU) is set to bring in stricter data security laws that will see companies forced to act when there has been a breach.
Under one of the regulations, companies will have to report any data breach to the relevant authorities or incur stiff penalties. The EU member states are set to agree on the new laws, which would remove the 28 different sets of regulations and ensure that industry regulators have stronger enforcement powers.
One of the main issues with the data security regulations currently in place is that they were established back in the 1990s, and the fines that can be applied for non-compliance are relatively small. The new laws could impose sanctions equivalent to up to 5% of global revenue. It is hoped that companies will become more aware of data protection requirements and regulations.
It is also hoped that the new laws will help companies to do business within the EU, as they will only have to deal with one regulator rather than many different ones. The issues that Facebook has been having in Europe are an example of this. The Belgian Privacy Commission has been in dispute with the site, with Facebook believing that, as its European HQ is in Ireland, it should be regulated in that country.
The new law will mean that a data breach will have to be reported within 72 hours and customers will have to be informed as soon as possible.