Data Privacy Laws Could Make Managing Oil, Gas Data Flows Difficult

“We don’t know what she means by personal data,” McLeod commented.

Even if it’s just personal data, it would make communications more difficult and put companies at risk for potential penalties for violating privacy rights under the new law.

Companies also face more stringent data protection regulations in European Union (EU) member countries. The EU proposed the Data Protection Regulation in January 2012 in order, in part, to update the 1995 EU Directive (95/46/EC) to address challenges from technological advances and globalization and to strengthen online privacy rights.

“EU citizens rights in relation to the processing of personal data is a fundamental right enshrined in various EU constitutional documents,” McLeod noted.

The regulation was expected to be adopted in May 2014 prior to EU parliamentary elections, but appears to have been delayed until 2015, and would take effect in 2017.

The new regulation would be directly applicable across all of the EU in its entirety and with no or little scope for member states for flexibility on the interpretation of provisions. The current regime of regulations has been criticized for its piecemeal approach in compliance standards and enforcement due to differences when the directive was implemented into local law in each of the 28 EU member states, with each state having its own rules which it may or may not enforce, McLeod said.

The new regulation would confirm that EU law would apply to EU citizens’ personal data, even if this data is processed outside of the EU. EU citizens would have to give consent either by statement or clear affirmative action for their personal data to be processed outside the EU, and would have to right to easily withdraw that consent, McLeod noted.

The proposed changes to EU data privacy regulations include the right to be forgotten. This regulations would allow a worker, after a certain period of time from leaving an employer, to ask their former employer to have all data referencing them removed. The regulation would place new restrictions on the ability to profile EU citizens, who would have to be advised of such profiling and had the right to object. EU citizens also would have the right to seek compensation for pecuniary and non-pecuniary damage related to the unlawful processing of data.

Companies who violate the new rules could be fined up to $136 million (100 million euros) or 5 percent of a company’s annual worldwide turnover, whichever is greater, McLeod noted. This is a change from the previous maximum fines of $1.4 million (1 million euros) or 2 percent of annual worldwide turnover.


1234567

View Full Article

WHAT DO YOU THINK?


Generated by readers, the comments included herein do not reflect the views and opinions of Rigzone. All comments are subject to editorial review. Off-topic, inappropriate or insulting comments will be removed.


Most Popular Articles