Cloud increases risk of major fines under new EU Data rules


30 March 2012

Companies enjoying the benefits of cloud computing may find that they increase the risk of receiving hefty fines, which could reach hundreds of millions of pounds, under future EU data protection rules.  

Vinod Bange, partner at UK law firm Taylor Wessing, warned delegates at a seminar that the risks will be far greater under the new legislation.

"Regulatory sanctions have gone way off the scale in terms of what we are used to right now," said Bange. "The sting in the tail, which did not exist before, is that there is a provision to calculate a fine that is based on a percentage of annual global turnover. That’s big news and a big change," he added.  

 


"Organisations have moved on so much since the original legislation in 1995. In this globalised, outsourced, social media, cloud driven environment, you could end up with a third tier fine."  

Under the proposed EU laws, regulators would be able to fine companies according to three different tiers:  

  • Tier 1 – €250,000 or 0.5% of global annual turnover
  • Tier 2 – €500,000 or 1% of global annual turnover
  • Tier 3 – €1 million or 2% of global annual turnover

Third-tier fines apply to breaches that relate to international data transfers, an error that could occur more easily when using cloud computing because datacentres may be located in international territories.

Bange warns that this could lead to far greater fines than the maximum that can be issued by the local data protection authorities, and enterprises need to realise that signing off on this risk is significant.  

"The risk for companies is much higher than what we are faced with at the moment. Signing off on that risk is a very different ball game compared to what exists right now," said Bange.  

"Looking at the average turnover of a FTSE 100 company and a Tier 3 fine, it could be a fine reaching hundreds of millions of pounds," he added. "Who within your organisation has the authority to sign off a risk of that proportion?"

The shake-up of the EU’s data protection rules is being pushed through in a bid to eliminate disparity between different laws across the EU’s 27 states.  


TechCentral.ie