Firms Should Take Note Of EC Privacy Proposals, Warns KPMG

The new rules include a streamlining of the “cookie law”, which has resulted in an overload of consent requests for internet users by clarifying that no consent is needed for non-privacy intrusive cookies. This means cookies to remember shopping cart history or count the number of visitors to that website will no longer require consent.

The new rules ban unsolicited electronic communication by any means, and make national data protection authorities responsible for the enforcement of the confidentiality rules in the GDPR.

The EC said it plans to engage proactively in discussions on reaching “adequacy decisions”, allowing for the free flow of personal data to countries with “essentially equivalent” data protection rules to those in the EU with key trading partners in East and South-East Asia. This will start with Japan and Korea in 2017, as well as interested countries in Latin America and the “European neighbourhood”.

In addition, the EC will make full use of other alternative mechanisms provided by the new GDPR and Police Directive to facilitate the exchange of personal data with other third countries with which adequacy decisions cannot be reached.

The EC hopes to have the new rules in place by the time the GDPR becomes applicable on 25 May 2018.

“The intention is to provide citizens and businesses with a fully-fledged and complete legal framework for privacy and data protection in Europe by this date,” said the EC.

Read more about GDPR

The proposed rules represent the next step for EU regulators, as they attempt to ensure personal data is adequately protected and that users have increased control over how it is collected, used, retained and disclosed, said Mark Thompson, global privacy advisory lead at KPMG.

“For consumers, it means more control over the use of personal data. For businesses, the proposal will be felt in a spectrum of different ways,” he said.

First, for organisations that use cookies for non-intrusive purposes, Thompson said the new rules will make life easier by not requiring consent for non-privacy intrusive cookies that improve an internet experience.

“However, businesses that fall under increased consent requirements, where users are required to take action to allow cookie usage before information can be collected, in certain circumstances, are likely to face some challenges,” he said. “The new rules will allow users more control over their settings, providing an easy way to accept or refuse the tracking of cookies and other identifiers in case of privacy risks.”

Source :

Firms should take note of EC privacy proposals, warns KPMG
Financial Regulatory Developments Focus - January 2017
TTIP: an Agenda for Corporate Plunder
ENRON'S MANY STRANDS: THE ACCOUNTANTS; Auditing Firm Goes in Search Of Direction
BJP will take legal steps over EC’s decision of invalidating votes: Gujarat CM
How to deal with minority shareholders
Can we trust Alibaba’s numbers? Auditor has never faced U.S. regulatory scrutiny
Profit petroleum may be exempt from levy of GST
Firms offer teens £30k jobs to poach them from university courses: Companies receiving up to 100 applications for every post as school leavers shun £9,000-a-year courses
Why You Should Take a Closer Look at California’s New Piece-Rate Legislation