MENU

Data Protection - International Policy

LinkedIn Twitter Facebook
data-protection-1060x491.jpg

 

Andrew McClelland International Data Protection

Author: Andrew McClelland

 

In this first of an occasional series of updates, EWW highlights some changes in the international policy field that could impact business selling cross-border. This edition focuses on data protection.

 

The latter half of 2015 has seen some interesting developments in this area. A core principle of international data protection between the European Union (EU) and the United States (US) has been shaken, Russia has introduced new requirements for businesses processing consumer data and the EU has moved forward on agreeing the next raft of data protection legislation.

 

The first instance is around safe harbor. Safe harbor is an understanding between the US and EU providing certainty for data controllers in the US who collect and store data of European citizens, or EU-based businesses who use third parties in the US to process this information. Under EU regulations – the Data Protection Directive (DPD) – businesses collecting and processing data on European citizens can only transfer data to other territories who have similar policies as the EU. Safe Harbor was a mechanism which allowed for this transfer of data. However, following certain privacy concerns and issues where US authorities were able to access consumer data, the Court of Justice of the European Union (CJEU) ruled that Safe Harbor no longer provided the legal certainty required.

 

There is no suggestion at this stage that businesses relying on Safe Harbor agreements will be pursued by data protection authorities. However, it could be worth checking any third party agreements to ensure that risk is transferred appropriately and that partners are taking the necessary steps to ensure that their processes meet the requirements of the DPD or national implementations of the directive. In the case of the UK, this is the Data Protection Act 1998 (Article 25).

 

On the second point, Russian authorities introduced the data localisation law, which came into force on 1 September 2015. Businesses collecting and processing the personal data of Russian consumers must look to carry out the activity on servers based in that country. Roskomnadzor (eng.rkn.gov.ru/ ), the Russian data protection authority, is the competent authority responsible for implementing the law and its published list of companies that will be inspected in 2015 doesn’t include any international business. However, spokesmen are quoted to suggest that whilst they understand that big business require time to make appropriate changes, Roskomnadzor do have the authority to investigate non-compliance if required. There are a variety of reports as to what has motivated this new approach but businesses trading with Russian consumers are advised to watch for updates closely. For example, ensuring that any new registration requirements are fulfilled.

 

At an EU level, the long-running process of updating the 1998 Data Protection Directive continues. Including wide-ranging proposed changes to bring data protection requirements in-line with modern technology and consumer activities, the legislation is currently under ‘trilogue’ negotiations between the European Commission, European Parliament and the European Council. Adoption of the new data protection rules is expected around the middle of 2016 with the new regulation possibly coming into force during 2018 (has to be two years from date of adoption). Whilst the details are still being discussed, new levels of fines and notification periods for data breaches are expected. Other areas to look out for include new definitions around what constitutes personal data; how consent relating to data processing activities is gathered; rights around data portability and the rights of a data subject to have their data file deleted (forgotten). The last two points, when combined, could have significant consequences for business customer retention and marketing activities.

 

When combined with the increasing regularity of cyber-attacks and data breaches, data protection should be at the top of any business’ priority list. Not only is customer data their biggest asset, it could also be their biggest point of failure. The global nature of business now requires a global view on data protection policies and procedures.

 

Disclaimer:
This document is provided for general information purposes only and does not constitute legal, investment or other professional advice on any individual matter. Whereas every effort has been made to ensure that the information given in this document is accurate, eCommerce Worldwide, our partners and sponsors accept no liability for any errors, omissions or misleading statements, and no warranty is given or responsibility accepted as to the standing of any individual, firm, company or other organisation mentioned. Publication as well as commercial and non-commercial transmission to a third party is prohibited unless prior permission is obtained from eCommerce Worldwide. The views expressed in this publication do not necessarily reflect the views of eCommerce Worldwide.

LinkedIn Twitter Facebook

Royal Mail Sponsor

Register today for unlimited article views, and unique insights

Register Now

Building an eCommerce fraud prevention strategy for Germany

Building an eCommerce fraud prevention strategy for Germany

Being the world’s fifth largest eCommerce market, Germany has become an exceptionally popular destination for online merchants looking to sell their goods and services. However, retailers should still be aware of the high levels of fraud to do with their number one payment method. Therefore, what do you need to know about building an eCommerce fraud prevention strategy for Germany?
Interview with Kai Li, Vice President of International at Revolve

Interview with Kai Li, Vice President of International at Revolve

eCommerce Worldwide Cross-Border Summit 2017 - Ahead of our annual event on 24th May, we interview Kai Li, Vice President of International at Revolve Clothing, to learn from his experience and knowledge in cross-border trading.
How does device usage differ in France, Germany, and the UK?

How does device usage differ in France, Germany, and the UK?

It is well known that the use of smartphones and tablets has grown rapidly but which device dominates the traffic and at what time of day across France, Germany and UK? And how does device usage differ between these Countries?
Delivery into Russia: what you need to know

Delivery into Russia: what you need to know

Online retailers know the opportunities that comes with expansion into Russia but entering this massive market comes with its delivery challenges. However, what do you need to know about trading and delivery into Russia?
Using non-commercial organisations to grow your online retail business in Russia

Using non-commercial organisations to grow your online retail business in Russia

Russia is frequently perceived by foreign retailers as a complicated and risky environment but there are a number of organisations in Russia that can help you understand this market environment and the rules by which the market plays. But who are they?
Agenda Announced for eCommerce Worldwide Cross-Border Summit 2017

Agenda Announced for eCommerce Worldwide Cross-Border Summit 2017

The agenda has been announced for the eCommerce Worldwide Cross-Border Summit and it boasts a wealth of retail experts with years of experience between them in expanding their brands overseas.
What can UK online retailers learn from major sales events in China?

What can UK online retailers learn from major sales events in China?

By cleverly orchestrating a string of headline-grabbing shopping holidays throughout the year, China is reinventing retail. But why are Chinese consumers embracing these shopping frenzies so readily and offers and how can overseas retailers learn from this to gain and maintain the competitive edge?
How WeChat is used for Business

How WeChat is used for Business

WeChat has been a hot topic for many marketers for a long time. However, how much do we really know about the most used social network in China? And how is WeChat used for business?
Ecommerce in Australasia

Ecommerce in Australasia

The New Zealand and Australia cross-border eCommerce markets are booming and it is looking to continue this way for the coming years. With almost 17 million savvy and highly engaged online shoppers in the region, what do you need to know about these eCommerce markets and which are the most successful retail sites there?
Ecommerce shipping to Australia

Ecommerce shipping to Australia

It’s easy for any retailer to be attracted to the impressive digital adoption Australia has taken with online retail sales of USD $9.5 bn last year. However, this success is not without its challenges as shipping into this widely fragmented country can affect your business - but how?

Contact Us

eCommerce Worldwide
2 Ching Court
49-53 Monmouth St
London
WC2H 9EY

Tel: 0203 696 0980
2016© eCommerce Worldwide

Keep In Touch

powered by Affino

About eCommerce Worldwide

eCommerce Worldwide provides online retailers with all the information, and resources, they need to develop cross-border strategies for entering new markets around the world
Read More