Data Protection - International Policy

LinkedIn Twitter Facebook
data-protection-1060x491.jpg

 

Andrew McClelland International Data Protection

Author: Andrew McClelland

 

In this first of an occasional series of updates, EWW highlights some changes in the international policy field that could impact business selling cross-border. This edition focuses on data protection.

 

The latter half of 2015 has seen some interesting developments in this area. A core principle of international data protection between the European Union (EU) and the United States (US) has been shaken, Russia has introduced new requirements for businesses processing consumer data and the EU has moved forward on agreeing the next raft of data protection legislation.

 

The first instance is around safe harbor. Safe harbor is an understanding between the US and EU providing certainty for data controllers in the US who collect and store data of European citizens, or EU-based businesses who use third parties in the US to process this information. Under EU regulations – the Data Protection Directive (DPD) – businesses collecting and processing data on European citizens can only transfer data to other territories who have similar policies as the EU. Safe Harbor was a mechanism which allowed for this transfer of data. However, following certain privacy concerns and issues where US authorities were able to access consumer data, the Court of Justice of the European Union (CJEU) ruled that Safe Harbor no longer provided the legal certainty required.

 

There is no suggestion at this stage that businesses relying on Safe Harbor agreements will be pursued by data protection authorities. However, it could be worth checking any third party agreements to ensure that risk is transferred appropriately and that partners are taking the necessary steps to ensure that their processes meet the requirements of the DPD or national implementations of the directive. In the case of the UK, this is the Data Protection Act 1998 (Article 25).

 

On the second point, Russian authorities introduced the data localisation law, which came into force on 1 September 2015. Businesses collecting and processing the personal data of Russian consumers must look to carry out the activity on servers based in that country. Roskomnadzor (eng.rkn.gov.ru/ ), the Russian data protection authority, is the competent authority responsible for implementing the law and its published list of companies that will be inspected in 2015 doesn’t include any international business. However, spokesmen are quoted to suggest that whilst they understand that big business require time to make appropriate changes, Roskomnadzor do have the authority to investigate non-compliance if required. There are a variety of reports as to what has motivated this new approach but businesses trading with Russian consumers are advised to watch for updates closely. For example, ensuring that any new registration requirements are fulfilled.

 

At an EU level, the long-running process of updating the 1998 Data Protection Directive continues. Including wide-ranging proposed changes to bring data protection requirements in-line with modern technology and consumer activities, the legislation is currently under ‘trilogue’ negotiations between the European Commission, European Parliament and the European Council. Adoption of the new data protection rules is expected around the middle of 2016 with the new regulation possibly coming into force during 2018 (has to be two years from date of adoption). Whilst the details are still being discussed, new levels of fines and notification periods for data breaches are expected. Other areas to look out for include new definitions around what constitutes personal data; how consent relating to data processing activities is gathered; rights around data portability and the rights of a data subject to have their data file deleted (forgotten). The last two points, when combined, could have significant consequences for business customer retention and marketing activities.

 

When combined with the increasing regularity of cyber-attacks and data breaches, data protection should be at the top of any business’ priority list. Not only is customer data their biggest asset, it could also be their biggest point of failure. The global nature of business now requires a global view on data protection policies and procedures.

 

Disclaimer:
This document is provided for general information purposes only and does not constitute legal, investment or other professional advice on any individual matter. Whereas every effort has been made to ensure that the information given in this document is accurate, eCommerce Worldwide, our partners and sponsors accept no liability for any errors, omissions or misleading statements, and no warranty is given or responsibility accepted as to the standing of any individual, firm, company or other organisation mentioned. Publication as well as commercial and non-commercial transmission to a third party is prohibited unless prior permission is obtained from eCommerce Worldwide. The views expressed in this publication do not necessarily reflect the views of eCommerce Worldwide.

LinkedIn Twitter Facebook

Royal Mail Sponsor

Register today for unlimited article views, and unique insights

Register Now

Delivery preference of Dutch and Belgian online shoppers

Delivery preference of Dutch and Belgian online shoppers

Dutch and Belgian consumers are increasingly buying their goods online, but they differ in how they want those goods delivered. A savvy online retailer needs to localise its delivery options to meet these local requirements. But what are these delivery preferences?
The fundamentals of retail: Which European countries are leading the way?

The fundamentals of retail: Which European countries are leading the way?

From delivering on promise, to quickly resolving contact centre queries, to minimising the amount of returns, there are myriad aspects for retailers to get right when it comes to delivering a great customer experience. But which European countries are most successfully delivering on the fundamentals of retail?
Beyond Black Friday: Unmissable international events for 2017 eCommerce plans

Beyond Black Friday: Unmissable international events for 2017 eCommerce plans

In the US, the day after Thanksgiving has been a key focus for US shopping. Now, Black Friday is becoming the unofficial start to the Christmas shopping season in countries across the world. But there are hundreds of other events across the world to be aware of when developing an international strategy. Here are a few...
How UK retailers use localisation to succeed in Asia

How UK retailers use localisation to succeed in Asia

Expansion into Asia can be a natural next step for a successful business and with UK brands such as Burberry, The Body Shop and Lush having all had huge international success, what can we learn from these brands?
Why international e-tailers should re-visit the top of the funnel

Why international e-tailers should re-visit the top of the funnel

The role of brand awareness is increasingly critical to international expansion and with various platforms offering better reach and targeting than ever before, why is it important for international retailers to revisit the top of the funnel to help create a more compelling picture?
‘Your Global Consumer Isn’t Who You Think She Is’ - An Interview with Kai Li from Revolve Clothing

‘Your Global Consumer Isn’t Who You Think She Is’ - An Interview with Kai Li from Revolve Clothing

Kai Li, Vice President of International for Revolve Clothing, took part in an insightful Q&A session and shared his approach to expanding businesses into new Countries and why identifying his business’s value proposition in those countries is critical.
Black Friday growing strongly in Brazil

Black Friday growing strongly in Brazil

The phenomenal performance of Black Friday rippled around the world and Brazil was no different with eCommerce Brasil reporting billions in sales. So what are the figures coming out of Brasil on this bargain-hunting shopping day?
eCommerce in Brazil: Going local is key

eCommerce in Brazil: Going local is key

As with anywhere, Brazil has its fair share of problems – but with a population of 200 million, a tech-savvy and consumption-driven middle class and arguably the most internet-connected population in the world, is Brazil seen as a necessary evil for international merchants looking to expand internationally?
Quality of delivery offer important to Dutch shoppers

Quality of delivery offer important to Dutch shoppers

Cross-border eCommerce in Belgium and the Netherlands is making big strides and with a population of 28 million people and combined GDP of €1.08trn and English spoken widely, it’s no wonder it offers an attractive market to international merchants looking to expand into new territories. But does the quality of delivery offered that important to Dutch shoppers?
How to maximise your chances of success in India

How to maximise your chances of success in India

eCommerce is growing at an unprecedented rate in India thanks to a number of factors and with the percentage of online retail sales growing rapidly, what do retailers need to consider in order to maximise their chances of success in India?

Contact Us

eCommerce Worldwide
2 Ching Court
49-53 Monmouth St
London
WC2H 9EY

Tel: 0203 696 0980
2016© eCommerce Worldwide

Keep In Touch

powered by Affino

About eCommerce Worldwide

eCommerce Worldwide provides online retailers with all the information, and resources, they need to develop cross-border strategies for entering new markets around the world
Read More