Firms Face 100m Euro Fines for Flouting Data Privacy Rules

Internet companies including Facebook, Google, and Yahoo! could face fines of up to EUR 100m (£84.8m) if they break consumer data protection rulings agreed by the EU Civil Liberties Committee yesterday.

Responding to mass surveillance cases, MEPs introduced stronger safeguards for data transfers to non-EU countries, and also agreed on the requirement for explicit consent, a right to erasure, and bigger fines for firms that break the rules.

The EU rulings would give people the right to have their personal data erased on request, which would include what the committee calls the 'right to be forgotten'. Other proposals include limiting the extent to which an Internet firm can profile a consumer, in order to predict factors such as their economic situation, location, health or behaviour.

Companies or organisations found to be flouting these regulations could face fines of up to EUR 100m (£84.8m), or up to 5% of annual worldwide turnover, whichever is the greater.

Jan Philipp Albrecht (pictured), a German Green Party politician sponsoring the bill in the EU assembly, commented: 'This evening's vote is a breakthrough for data protection rules in Europe, ensuring that they are up to the challenges of the digital age. This legislation introduces overarching EU rules on data protection, replacing the current patchwork of national laws.'

According to Albrecht, the ball is now in the court of member state governments to agree a position and start negotiations.