October 29, 2020

From the EU to China, 2016 ushers in new data headaches for companies


Pin It


By Sue Reisinger, From Corporate Counsel

Foreign governments—including , and the —are giving corporate America fits over how companies handle information and data, and the trend is only going to worsen this year.

For example, the European Union is expected to adopt a new regulation early this year that will impose more data burdens on companies, including stricter consent requirements and the so-called “right to be forgotten.” 

In one of the more controversial sections, the law would allow the EU to fine companies up to 4 percent of their annual, global revenue for violations.

In the past, says Wim Nauwelaerts, a partner at Hunton & Williams, “we were hearing from American colleagues that European law was lacking teeth. This is definitely going to change. Can you imagine someone like Apple being fined 4 percent of its revenue?”

Nauwelaerts calls the fine a “novelty” because under former rules each member state had its own approach to enforcement and fines, while some countries’ regulators had no authority to impose fines at all.

The new law also imposes the so-called “right to be forgotten,” which allows individuals to ask for old information to be removed from websites.

And it gives individuals the right to know when their personal information has been hacked during a data breach.

It also instills the right of portability, which Nauwelaerts explains means individuals will be able to have their information brought from one online service provider to another. “The whole idea is to put individuals in charge of their own personal data,” he says.

The details of the law were reached in a compromise in December, and Nauwelaerts says he expects to see it published in the next two or three months. The law will take effect two years after it is published.

“In business, two years is actually pretty short,” Nauwelaerts says. “That transition period probably is not even enough time to put the needed compliance mechanisms in place. The law brings privacy to the top of the agenda of every multinational company’s board.”

Elsewhere, a new anti-terrorism law that some U.S. companies had opposed already went into effect in China on January 1. Among other things, the law requires telecommunications systems and Internet service providers to provide technical support and assistance, including access to their interfaces and decryption codes, to state security authorities, according to a recent Hunton & Williams blog post.

The law also requires them to monitor information being disseminated over their systems and to remove “terrorist or extremist content.”  A violator faces a fine of about $76,000.

And in Turkey, Twitter filed a lawsuit last Thursday fighting a $50,000 fine imposed for not removing content that Turkey calls “terrorist propaganda,” according to Reuters.

The story says the Turkish government ordered Twitter to remove tweets by a militant Kurdish rights group known as PKK, which it considers a terrorist organization. 

Twitter’s most recent transparency report shows that of 1,103 total removal requests by governments over the first six months of 2015, Turkey by far made the most with 718. Russia was a distant second with 68 requests. Some content was withheld in 34 percent of the Turkish cases, the report shows.

For more on this story go to: http://www.corpcounsel.com/id=1202746817283/From-the-EU-to-China-2016-Ushers-in-New-Data-Headaches-for-Companies#ixzz3x2rxG9sg

Print Friendly, PDF & Email
About ieyenews

Speak Your Mind