EU agrees on unified data security laws

EU agrees on unified data security laws
© Getty Images

European Union member states on Monday signed off on a broad restructuring of their data protection laws.

The framework is a major step forward in the effort to unify the 28 member countries' data security rules and levy fines against companies that break those rules.

ADVERTISEMENT

The single code is an attempt to better secure people’s digital data and fight back against the rising tide of hackers and government-backed spies.

“Citizens and businesses deserve modern data protection rules that keep pace with the latest technological changes,” said Věra Jourová, commissioner for justice, consumers and gender equality.

Penalties for not obeying the laws could run as high as 1 million euros or 2 percent of a company's yearly income.

The European Parliament must still approve the framework, but officials think a deal can be reached by the end of the year.

“High data protection standards will strengthen consumers’ trust in digital services, and businesses will benefit from a single set of rules across 28 countries,” Jourová said.

The move could also put pressure on the United States to pass its own data-security legislation.

Like EU-based companies, American businesses have struggled to comply with dozens of various state-based data security standards.

Industry groups have also complained that the perceived lower quality of American data protection standards has significantly damaged their ability to do business overseas.

Congress has been considering a slate of similar bills that would all set national data security guidelines and give federal regulators more leeway to bring enforcement action over security failures. But lawmakers have failed to coalesce behind a single measure.

Governments have been particularly focused on passing digital security legislation since government leaker Edward Snowden revealed a number of secret spying programs across the U.S. and Europe.