Firms Should Take Note Of EC Privacy Proposals, Warns KPMG

The new rules include a streamlining of the “cookie law”, which has resulted in an overload of consent requests for internet users by clarifying that no consent is needed for non-privacy intrusive cookies. This means cookies to remember shopping cart history or count the number of visitors to that website will no longer require consent.

The new rules ban unsolicited electronic communication by any means, and make national data protection authorities responsible for the enforcement of the confidentiality rules in the GDPR.

The EC said it plans to engage proactively in discussions on reaching “adequacy decisions”, allowing for the free flow of personal data to countries with “essentially equivalent” data protection rules to those in the EU with key trading partners in East and South-East Asia. This will start with Japan and Korea in 2017, as well as interested countries in Latin America and the “European neighbourhood”.

In addition, the EC will make full use of other alternative mechanisms provided by the new GDPR and Police Directive to facilitate the exchange of personal data with other third countries with which adequacy decisions cannot be reached.

The EC hopes to have the new rules in place by the time the GDPR becomes applicable on 25 May 2018.

“The intention is to provide citizens and businesses with a fully-fledged and complete legal framework for privacy and data protection in Europe by this date,” said the EC.

Read more about GDPR

The proposed rules represent the next step for EU regulators, as they attempt to ensure personal data is adequately protected and that users have increased control over how it is collected, used, retained and disclosed, said Mark Thompson, global privacy advisory lead at KPMG.

“For consumers, it means more control over the use of personal data. For businesses, the proposal will be felt in a spectrum of different ways,” he said.

First, for organisations that use cookies for non-intrusive purposes, Thompson said the new rules will make life easier by not requiring consent for non-privacy intrusive cookies that improve an internet experience.

“However, businesses that fall under increased consent requirements, where users are required to take action to allow cookie usage before information can be collected, in certain circumstances, are likely to face some challenges,” he said. “The new rules will allow users more control over their settings, providing an easy way to accept or refuse the tracking of cookies and other identifiers in case of privacy risks.”

Source : http://www.computerweekly.com/news/450410767/Firms-should-take-note-of-EC-privacy-proposals-warns-KPMG

Firms should take note of EC privacy proposals, warns KPMG
Risk Management: Cyberrisk Insurance
TTIP: an Agenda for Corporate Plunder
MOTION FOR A RESOLUTION
Post demonetisation, Rs 25,000 crore deposited in cash in dormant bank accounts
Looking Out For Me, Myself, And I
Prove independence of auditor KPMG India, SEC tells Wipro
Practitioner Insights
Motor Insurers Need to Adapt to Ward Off Competition from Car Manufacturers
British minister strengthens UK-Caribbean relationship with visit
'