Saturday

18th Aug 2018

New EU fines will apply to 'old' data breaches

  • EU citizens will have more rights under a new general data protection regulation (Photo: Roel Wijnants)

Companies operating in the EU that are currently hiding serious data breaches similar to those that rocked Facebook last month better disclose those before 25 May, or be prepared to pay serious fines.

On that date, the EU's new general data protection regulation (GDPR) will come into force. The new EU regulation will require that companies that process personal data inform the relevant data protection authority in case of a data breach.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 18 year's of archives. 30 days free trial.

... or join as a group

If the compromised personal information is sensitive, companies will need to inform their customers too.

Failure to do so may lead to a fine, which could be up to €10m or two percent of the company's annual turnover, whichever is higher.

A European Commission official confirmed on Monday (9 April) that data breaches that happened before 25 May, but are kept silent until after that, will also be liable for such a fine.

"If this behaviour [of keeping a data breach secret] would continue - even if it started a long time ago and continues - and is discovered after the GDPR comes into play, then it's relevant," said the source.

The official briefed journalists on Monday on a swathe of digital affairs, a day ahead of the EU's Digital Day in Brussels, on the condition of anonymity. He made his comments on the GDPR when asked about it by EUobserver.

"If you discover the crime the moment it happens, but it started a long time ago, this doesn't really matter. This is not retroactive application, this is application of the actual case," he noted.

The official stressed that the 25 May deadline has been public knowledge for over a year.

"If there is a breach discovered the day after, the GDPR will apply," he said.

"I hope that every company dealing with our personal data takes the May deadline very, very seriously," he added.

This means that for companies that still have a kept-secret data breach, it may merit to fess up before 25 May.

In two recent high-profile cases of data breaches, they were revealed by media reports. Last month, it was revealed that Facebook users' data had been shared with UK consulting firm Cambridge Analytica without those users' consent.

Last November, Uber was shown to have covered up for over a year personal information of 57 million of its users.

EU to probe UK 'election-rigging' firm

MEPs are to investigate whether UK firm Cambridge Analytica and Facebook misused private data to sway votes amid increasingly lurid revelations.

Focus

Are EU data watchdogs staffed for GDPR?

The success of the new general data protection regulation (GDPR) will depend on whether data protection authorities enforce the new rules - which, in turn, will be at least partly determined by how many people they employ.

News in Brief

  1. Germany and Greece strike deal on taking back migrants
  2. Merkel confronts far-right critics: '2015 will not be repeated'
  3. UN: Predictable disembarkation process urgently needed
  4. Slovenia set to select former comedian as prime minister
  5. Polish president to veto election rule helping big parties
  6. MEPs blast UK 'alphabetical approach' on citizens rights
  7. EU hits back over Salvini's blame for bridge collapse
  8. Poll: Sweden's social democrat-led government set to win again

Opinion

The systemic risk that Europe has to face

One of the biggest systemic risks across Europe, illustrated by Hungary and Poland, is the dominance of the executive power over the judiciary and informal channels of political dependency.

Schengen at stake in Austria-Germany talks

German interior minister Horst Seehofer is in Vienna on Thursday - as his plan to reject some asylum seekers was met by an Austrian threat to close its borders too.

Stakeholders' Highlights

  1. ACCACompany Law Package: Making the Best of Digital and Cross Border Mobility,
  2. IPHRCivil Society Worried About Shortcomings in EU-Kyrgyzstan Human Rights Dialogue
  3. UNESDAThe European Soft Drinks Industry Supports over 1.7 Million Jobs
  4. Mission of China to the EUJointly Building Belt and Road Initiative Leads to a Better Future for All
  5. IPHRCivil society asks PACE to appoint Rapporteur to probe issue of political prisoners in Azerbaijan
  6. ACCASocial Mobility – How Can We Increase Opportunities Through Training and Education?
  7. Nordic Council of MinistersEnergy Solutions for a Greener Tomorrow
  8. UNICEFWhat Kind of Europe Do Children Want? Unicef & Eurochild Launch Survey on the Europe Kids Want
  9. Nordic Council of MinistersNordic Countries Take a Stand for Climate-Smart Energy Solutions
  10. Mission of China to the EUChina: Work Together for a Better Globalisation
  11. Nordic Council of MinistersNordics Could Be First Carbon-Negative Region in World
  12. European Federation of Allergy and AirwaysLife Is Possible for Patients with Severe Asthma

Latest News

  1. EU gets record response on 'summertime' consultation
  2. 'Nativism' and the upcoming Swedish and Bavarian elections
  3. Former Malta opposition leader fears for his life
  4. Women shun EU-funded site for female entrepreneurs
  5. Building a Europe more resilient to terrorism
  6. Brexit talks resume as chance of 'no deal' put at 50:50
  7. US trial sheds light on murky Cyprus-Russia links
  8. Burned cars fuel Swedish election debate

Join EUobserver

Support quality EU news

Join us