Skip Navigation

Data protection directive to become a regulation

Privacy and data protection policymakers and professionals are coming to grips with the ambitious proposal to convert the current European Union (EU) data protection directive into a regulation. On the proposal, put forth by the European Commission (EC) on 28 January 2012, NAID CEO Bob Johnson said, “I and many others have been predicting that the 1995 directive would emerge from the current revision process as a regulation. A regulation will produce considerably more consistency among EU member states as well as increase the consequences of non-compliance.”

To Johnson’s point, the proposed data protection regulation contains a cap for violations that is 2% of an organization’s global annual revenue. The proposed regulation also shows how the EC would address the issue of breach notification, which, as currently proposed, is one of the central provisions.

A complete synopsis of the proposed data protection regulation and its impact on the secure destruction industry in Europe will be published in the spring edition of NAIDnews. It is already apparent the new regulation will pit data protection advocates against business interests resisting heavier, non-compliance penalties.

Click here to access the proposed EU data protection directive.