Author: Patrick Whyte / Source: Skift
Few regulators have been as happy to take on corporate interests as the European Union in recent years
What has been most remarkable is the willingness of European Commissioner for Competition Margrethe Vestager to tackle companies from across the Atlantic with the likes of Apple and Google all on the receiving end of heavy fines.
The EU’s inclination to act as the world’s corporate enforcer is likely to be expanded into the realms of privacy and data protection through a new law coming into effect early next year. Experts say that law could have big ramifications for the travel industry.
The new General Data Protection Regulation was approved in April 2016 and will become enforceable across the 28 member states on May 25, 2018.
“The basic principles of data protection law remain the same – the key ones perhaps being that people’s personal information should be treated fairly and securely; it should be kept up-to-date and accurate; it shouldn’t be used for different purposes to those for which it was collected; it should only be transferred to countries outside the European Economic Area which offer an adequate level of protection,” said Jon Baines, Chair of the UK’s National Association of Data Protection Officers.
While the update may keep some things the same, one of the big differences over the previous incarnation is the increased territorial scope.
Any company found flouting these new data protection laws will be punished regardless of where it is based — and the fines could be pretty heavy. A breach of the rules could see fines of up to 4% of annual global turnover or $23.8 million (€20 million), whichever is greatest.
“If you look at the field of competition law, for example, you can honestly say the only level at which the Gooogles, Facebooks and Microsofts have been held back is at the level of the EU. So there…
Click here to read more
