Data Protection - International Policy

LinkedIn Twitter Facebook
data-protection-1060x491.jpg

 

Andrew McClelland International Data Protection

Author: Andrew McClelland

 

In this first of an occasional series of updates, EWW highlights some changes in the international policy field that could impact business selling cross-border. This edition focuses on data protection.

 

The latter half of 2015 has seen some interesting developments in this area. A core principle of international data protection between the European Union (EU) and the United States (US) has been shaken, Russia has introduced new requirements for businesses processing consumer data and the EU has moved forward on agreeing the next raft of data protection legislation.

 

The first instance is around safe harbor. Safe harbor is an understanding between the US and EU providing certainty for data controllers in the US who collect and store data of European citizens, or EU-based businesses who use third parties in the US to process this information. Under EU regulations – the Data Protection Directive (DPD) – businesses collecting and processing data on European citizens can only transfer data to other territories who have similar policies as the EU. Safe Harbor was a mechanism which allowed for this transfer of data. However, following certain privacy concerns and issues where US authorities were able to access consumer data, the Court of Justice of the European Union (CJEU) ruled that Safe Harbor no longer provided the legal certainty required.

 

There is no suggestion at this stage that businesses relying on Safe Harbor agreements will be pursued by data protection authorities. However, it could be worth checking any third party agreements to ensure that risk is transferred appropriately and that partners are taking the necessary steps to ensure that their processes meet the requirements of the DPD or national implementations of the directive. In the case of the UK, this is the Data Protection Act 1998 (Article 25).

 

On the second point, Russian authorities introduced the data localisation law, which came into force on 1 September 2015. Businesses collecting and processing the personal data of Russian consumers must look to carry out the activity on servers based in that country. Roskomnadzor (eng.rkn.gov.ru/ ), the Russian data protection authority, is the competent authority responsible for implementing the law and its published list of companies that will be inspected in 2015 doesn’t include any international business. However, spokesmen are quoted to suggest that whilst they understand that big business require time to make appropriate changes, Roskomnadzor do have the authority to investigate non-compliance if required. There are a variety of reports as to what has motivated this new approach but businesses trading with Russian consumers are advised to watch for updates closely. For example, ensuring that any new registration requirements are fulfilled.

 

At an EU level, the long-running process of updating the 1998 Data Protection Directive continues. Including wide-ranging proposed changes to bring data protection requirements in-line with modern technology and consumer activities, the legislation is currently under ‘trilogue’ negotiations between the European Commission, European Parliament and the European Council. Adoption of the new data protection rules is expected around the middle of 2016 with the new regulation possibly coming into force during 2018 (has to be two years from date of adoption). Whilst the details are still being discussed, new levels of fines and notification periods for data breaches are expected. Other areas to look out for include new definitions around what constitutes personal data; how consent relating to data processing activities is gathered; rights around data portability and the rights of a data subject to have their data file deleted (forgotten). The last two points, when combined, could have significant consequences for business customer retention and marketing activities.

 

When combined with the increasing regularity of cyber-attacks and data breaches, data protection should be at the top of any business’ priority list. Not only is customer data their biggest asset, it could also be their biggest point of failure. The global nature of business now requires a global view on data protection policies and procedures.

 

Disclaimer:
This document is provided for general information purposes only and does not constitute legal, investment or other professional advice on any individual matter. Whereas every effort has been made to ensure that the information given in this document is accurate, eCommerce Worldwide, our partners and sponsors accept no liability for any errors, omissions or misleading statements, and no warranty is given or responsibility accepted as to the standing of any individual, firm, company or other organisation mentioned. Publication as well as commercial and non-commercial transmission to a third party is prohibited unless prior permission is obtained from eCommerce Worldwide. The views expressed in this publication do not necessarily reflect the views of eCommerce Worldwide.

LinkedIn Twitter Facebook

Royal Mail Sponsor

Register today for unlimited article views, and unique insights

Register Now

Black Friday growing strongly in Brazil

Black Friday growing strongly in Brazil

The phenomenal performance of Black Friday rippled around the world and Brazil was no different with eCommerce Brasil reporting billions in sales. So what are the figures coming out of Brasil on this bargain-hunting shopping day?
eCommerce in Brazil: Going local is key

eCommerce in Brazil: Going local is key

As with anywhere, Brazil has its fair share of problems – but with a population of 200 million, a tech-savvy and consumption-driven middle class and arguably the most internet-connected population in the world, is Brazil seen as a necessary evil for international merchants looking to expand internationally?
Why international e-tailers should re-visit the top of the funnel

Why international e-tailers should re-visit the top of the funnel

The role of brand awareness is increasingly critical to international expansion and with various platforms offering better reach and targeting than ever before, why is it important for international retailers to revisit the top of the funnel to help create a more compelling picture?
Quality of delivery offer important to Dutch shoppers

Quality of delivery offer important to Dutch shoppers

Cross-border eCommerce in Belgium and the Netherlands is making big strides and with a population of 28 million people and combined GDP of €1.08trn and English spoken widely, it’s no wonder it offers an attractive market to international merchants looking to expand into new territories. But does the quality of delivery offered that important to Dutch shoppers?
How to maximise your chances of success in India

How to maximise your chances of success in India

eCommerce is growing at an unprecedented rate in India thanks to a number of factors and with the percentage of online retail sales growing rapidly, what do retailers need to consider in order to maximise their chances of success in India?
What do Russian consumers want when it comes to cross-border shopping?

What do Russian consumers want when it comes to cross-border shopping?

Russia is the 9th biggest country in the world with roughly 30 million online Russian shoppers in 2015 which only continue to grows in 2016. However, with cross-border shopping being the fastest-growing segment of the Russian eCommerce market, what do Russian consumers want when it comes to cross-border shopping?
The importance of understanding what it is to be Russian

The importance of understanding what it is to be Russian

Russia, in terms of internet penetration, did lag behind most other European countries but is rapidly playing catch up. Not surprisingly, eCommerce has increased alongside internet penetration with an estimated 148 million orders generated in 2015. But with so many unknowns surrounding entering the Russian market, what are the golden rules?
What should retailers know about Russian attitudes to parcel deliveries?

What should retailers know about Russian attitudes to parcel deliveries?

Russia offers a potentially attractive market for international merchants, however the market needs careful consideration in order to get it right. Things to take into account include the distinctly different Russian way of thinking, along with the legal rules and political context of the country. So what are the key things retailers need to know?
Retail Pricing in a post-Brexit world

Retail Pricing in a post-Brexit world

Since Brexit, a number of events have taken place which has meant the price of items has significantly dropped in the UK. But what are the affects of the UK leaving the European Union on retail pricing?
Australia extends tax to foreign eCommerce

Australia extends tax to foreign eCommerce

For a number of valid reasons, Australia is still a destination firmly in the minds of any business looking to expand into the APAC region. With an attractive foreign eCommerce tax law favoring companies coming into Australia, what are the big changes coming down the line in 2017?

Contact Us

eCommerce Worldwide
2 Ching Court
49-53 Monmouth St
London
WC2H 9EY

Tel: 0203 696 0980
2016© eCommerce Worldwide

Keep In Touch

powered by Affino

About eCommerce Worldwide

eCommerce Worldwide provides online retailers with all the information, and resources, they need to develop cross-border strategies for entering new markets around the world
Read More