Procurement · 17 December 2015

EU data protection puts small business at risk

Small businesses need sufficient understanding of new EU data protection legislation
Fears have arisen that small businesses could be the first to lose out from new European data protection legislation unless sufficient compliance capacity to properly scrutinise how the new measures may effect them is put in place.

In response to a vote to be held by the European Parlaiment’s Civil Liberties committee this week, lead negotiator Timothy Kirkhope warned that while new measures are an improvement to previous data protection laws, legislators need to clarify how small business will be impacted.

big multinationals have vast compliance departments for unravelling what this law means for them, said Kirkhope. Now we need for the European Commission to be clear in how it implements the law so that smaller businesses are clear on how this law will affect them, and how they can prepare for it.

Agreed informally on 15 December and backed by MEPs several days later, the new legislation will create an EU-wide uniform set of rules designed to improve legal certainty, for businesses and citizens alike, surrounding the distribution and use of digital data.

“What has come out of the process is a significant improvement on previous proposals, added Kirkhope. “If the European Commission implements this law correctly then it should bring real benefits to how people can take control over their data. If they mishandle the implementation, it will become a burden for businesses.”



Fred Heritage was previously deputy editor at Business Advice. He has a BA in politics and international relations from the University of Kent and an MA in international conflict from Kings College London.