Firms Should Take Note Of EC Privacy Proposals, Warns KPMG

The new rules include a streamlining of the “cookie law”, which has resulted in an overload of consent requests for internet users by clarifying that no consent is needed for non-privacy intrusive cookies. This means cookies to remember shopping cart history or count the number of visitors to that website will no longer require consent.

The new rules ban unsolicited electronic communication by any means, and make national data protection authorities responsible for the enforcement of the confidentiality rules in the GDPR.

The EC said it plans to engage proactively in discussions on reaching “adequacy decisions”, allowing for the free flow of personal data to countries with “essentially equivalent” data protection rules to those in the EU with key trading partners in East and South-East Asia. This will start with Japan and Korea in 2017, as well as interested countries in Latin America and the “European neighbourhood”.

In addition, the EC will make full use of other alternative mechanisms provided by the new GDPR and Police Directive to facilitate the exchange of personal data with other third countries with which adequacy decisions cannot be reached.

The EC hopes to have the new rules in place by the time the GDPR becomes applicable on 25 May 2018.

“The intention is to provide citizens and businesses with a fully-fledged and complete legal framework for privacy and data protection in Europe by this date,” said the EC.

Read more about GDPR

The proposed rules represent the next step for EU regulators, as they attempt to ensure personal data is adequately protected and that users have increased control over how it is collected, used, retained and disclosed, said Mark Thompson, global privacy advisory lead at KPMG.

“For consumers, it means more control over the use of personal data. For businesses, the proposal will be felt in a spectrum of different ways,” he said.

First, for organisations that use cookies for non-intrusive purposes, Thompson said the new rules will make life easier by not requiring consent for non-privacy intrusive cookies that improve an internet experience.

“However, businesses that fall under increased consent requirements, where users are required to take action to allow cookie usage before information can be collected, in certain circumstances, are likely to face some challenges,” he said. “The new rules will allow users more control over their settings, providing an easy way to accept or refuse the tracking of cookies and other identifiers in case of privacy risks.”

Source :

Firms should take note of EC privacy proposals, warns KPMG
Bitcoin and Blockchain Technology Update: Research Paper
ENRON'S MANY STRANDS: THE ACCOUNTANTS; Auditing Firm Goes in Search Of Direction
The Morning Ledger: KPMG Scandal Rattles CFOs
EU ePrivacy Regulation Proposal Falls Short of Parliament’s Expectations
EC lays out plan to control euro clearing
Wells Fargo, Wachovia And The Fed
Europe And US Seal ‘Privacy Shield’ Data Transfer Deal To Replace Safe Harbor
Data Protection Impact Assessments under GDPR: Article 29 Working Party Adopts Draft Guidelines