- European Union officials reached agreement on the final text of the new EU-wide privacy bill, the Wall Street Journal reports.
- The new law, which took four years to come to fruition, will replace a patchwork of 28 different sets of national privacy laws.
- EU officials agreed that fines would rise to a maximum of 4% of a company’s world-wide revenue, which had been the final sticking point in negotiations
The text of the bill must still be approved by the European Parliament and EU governments. If approved, the law would go into effect in two years.
In addition to restricting online privacy, the law would also restrict how analytics and advertising companies can re-use data harvested from individuals.
But some tech executives say the new rules will restrict their ability to do business.
“For the first time, a law is trying to put extensive limits around the pervasive generation of data that happens now by default,” said Eduardo Ustaran, a privacy lawyer for Hogan Lovells, who works with U.S. tech firms. “Because business in general is becoming more data-dependent, every business will be affected.”
But officials say that by enforcing a strict privacy standard, the EU will create an environment where pro-privacy business models can thrive.
“The new rules will give businesses legal certainty by creating one common data protection standard across Europe,” said Jan Philipp Albrecht, a member of European Parliament. “[The rules] will give users back the right to decide [about] their own private data.”