Data Protection - International Policy

LinkedIn Twitter Facebook
data-protection-1060x491.jpg

 

Andrew McClelland International Data Protection

Author: Andrew McClelland

 

In this first of an occasional series of updates, EWW highlights some changes in the international policy field that could impact business selling cross-border. This edition focuses on data protection.

 

The latter half of 2015 has seen some interesting developments in this area. A core principle of international data protection between the European Union (EU) and the United States (US) has been shaken, Russia has introduced new requirements for businesses processing consumer data and the EU has moved forward on agreeing the next raft of data protection legislation.

 

The first instance is around safe harbor. Safe harbor is an understanding between the US and EU providing certainty for data controllers in the US who collect and store data of European citizens, or EU-based businesses who use third parties in the US to process this information. Under EU regulations – the Data Protection Directive (DPD) – businesses collecting and processing data on European citizens can only transfer data to other territories who have similar policies as the EU. Safe Harbor was a mechanism which allowed for this transfer of data. However, following certain privacy concerns and issues where US authorities were able to access consumer data, the Court of Justice of the European Union (CJEU) ruled that Safe Harbor no longer provided the legal certainty required.

 

There is no suggestion at this stage that businesses relying on Safe Harbor agreements will be pursued by data protection authorities. However, it could be worth checking any third party agreements to ensure that risk is transferred appropriately and that partners are taking the necessary steps to ensure that their processes meet the requirements of the DPD or national implementations of the directive. In the case of the UK, this is the Data Protection Act 1998 (Article 25).

 

On the second point, Russian authorities introduced the data localisation law, which came into force on 1 September 2015. Businesses collecting and processing the personal data of Russian consumers must look to carry out the activity on servers based in that country. Roskomnadzor (eng.rkn.gov.ru/ ), the Russian data protection authority, is the competent authority responsible for implementing the law and its published list of companies that will be inspected in 2015 doesn’t include any international business. However, spokesmen are quoted to suggest that whilst they understand that big business require time to make appropriate changes, Roskomnadzor do have the authority to investigate non-compliance if required. There are a variety of reports as to what has motivated this new approach but businesses trading with Russian consumers are advised to watch for updates closely. For example, ensuring that any new registration requirements are fulfilled.

 

At an EU level, the long-running process of updating the 1998 Data Protection Directive continues. Including wide-ranging proposed changes to bring data protection requirements in-line with modern technology and consumer activities, the legislation is currently under ‘trilogue’ negotiations between the European Commission, European Parliament and the European Council. Adoption of the new data protection rules is expected around the middle of 2016 with the new regulation possibly coming into force during 2018 (has to be two years from date of adoption). Whilst the details are still being discussed, new levels of fines and notification periods for data breaches are expected. Other areas to look out for include new definitions around what constitutes personal data; how consent relating to data processing activities is gathered; rights around data portability and the rights of a data subject to have their data file deleted (forgotten). The last two points, when combined, could have significant consequences for business customer retention and marketing activities.

 

When combined with the increasing regularity of cyber-attacks and data breaches, data protection should be at the top of any business’ priority list. Not only is customer data their biggest asset, it could also be their biggest point of failure. The global nature of business now requires a global view on data protection policies and procedures.

 

Disclaimer:
This document is provided for general information purposes only and does not constitute legal, investment or other professional advice on any individual matter. Whereas every effort has been made to ensure that the information given in this document is accurate, eCommerce Worldwide, our partners and sponsors accept no liability for any errors, omissions or misleading statements, and no warranty is given or responsibility accepted as to the standing of any individual, firm, company or other organisation mentioned. Publication as well as commercial and non-commercial transmission to a third party is prohibited unless prior permission is obtained from eCommerce Worldwide. The views expressed in this publication do not necessarily reflect the views of eCommerce Worldwide.

LinkedIn Twitter Facebook

Royal Mail Sponsor

Register today for unlimited article views, and unique insights

Register Now

5 tips for breaking into online retail in France

5 tips for breaking into online retail in France

France boasts being the 5th largest eCommerce market in the world and with an expectation to exceed €80 billion turnover in 2017, for those looking to enter this thriving online market here are five tips that could help you to break into the French online retail space.
Interview with Melanie Smallwood, International Buying Director at Global Fashion Group

Interview with Melanie Smallwood, International Buying Director at Global Fashion Group

eCommerce Worldwide Cross-Border Summit 2017 - Ahead of our annual event on 24th May, we interview Melanie Smallwood, International Buying Director at Global Fashion Group, to learn from her experience and knowledge in cross-border trading around the world.
Interview with Gregor McMillan, Business Development, China at The Hut Group

Interview with Gregor McMillan, Business Development, China at The Hut Group

eCommerce Worldwide Cross-Border Summit 2017 - Ahead of our annual event on 24th May, we interview Gregor McMillan, Business Development, China at The Hut Group, to learn from his experience and knowledge in cross-border trading into China.
Interview with Michael Truluck, CEO at La Redoute

Interview with Michael Truluck, CEO at La Redoute

eCommerce Worldwide Cross-Border Summit 2017 - Ahead of our annual event on 24th May, we interview Michael Truluck, CEO at La Redoute, to learn from his experience and knowledge in cross-border trading.
The latest view on eCommerce in Germany

The latest view on eCommerce in Germany

There are many benefits to entering the German eCommerce market - it’s the 3rd largest online market in Europe and has a very high internet penetration rate, but what other staistics do you need to know before entering this lucrative country?
How to use colour in cross-border online retail

How to use colour in cross-border online retail

Did you know colour can be an important driver of eCommerce sales? Research suggests 85% of buyers make their purchasing decision based on colour so getting it wrong could be a fundamental disaster for any online business. So what is the right colour to use?
Interview with Richard Longhurst, Co-Founder and Director at Lovehoney

Interview with Richard Longhurst, Co-Founder and Director at Lovehoney

eCommerce Worldwide Cross-Border Summit 2017 - Ahead of our annual event on 24th May, we interview Richard Longhurst, Co-Founder and Director at Lovehoney, to learn from his experience and knowledge in cross-border trading.
Building an eCommerce fraud prevention strategy for Germany

Building an eCommerce fraud prevention strategy for Germany

Being the world’s fifth largest eCommerce market, Germany has become an exceptionally popular destination for online merchants looking to sell their goods and services. However, retailers should still be aware of the high levels of fraud to do with their number one payment method. Therefore, what do you need to know about building an eCommerce fraud prevention strategy for Germany?
Interview with Kai Li, Vice President of International at Revolve

Interview with Kai Li, Vice President of International at Revolve

eCommerce Worldwide Cross-Border Summit 2017 - Ahead of our annual event on 24th May, we interview Kai Li, Vice President of International at Revolve Clothing, to learn from his experience and knowledge in cross-border trading.
How does device usage differ in France, Germany, and the UK?

How does device usage differ in France, Germany, and the UK?

It is well known that the use of smartphones and tablets has grown rapidly but which device dominates the traffic and at what time of day across France, Germany and UK? And how does device usage differ between these Countries?

Contact Us

eCommerce Worldwide
2 Ching Court
49-53 Monmouth St
London
WC2H 9EY

Tel: 0203 696 0980
2016© eCommerce Worldwide

Keep In Touch

powered by Affino

About eCommerce Worldwide

eCommerce Worldwide provides online retailers with all the information, and resources, they need to develop cross-border strategies for entering new markets around the world
Read More