3 reasons why consistent implementation is critical for the EU’s GDPR

  • 1 February 2018
ICC Data Protection Day

A particularly momentous year in the world of privacy, 2018 will see the European Union’s General Data Protection Regulation (EU GDPR) move from policy to practice on 25 May.

Because of our globally connected world, the EU GDPR will impact businesses of all sizes, in every sector, everywhere. But it’s not only businesses that are bracing themselves for the changes. EU member states are also undertaking a makeover of their respective national data protection laws to ensure they are up to speed.

As enforcement day draws closer and many EU member states embark on the final stretch to update their national laws, we’re highlighting 3 reasons why consistent GDPR implementation will matter.

1. Promoting the digital single market

A streamlined, harmonized GDPR implementation will contribute to the ultimate goal of the proposed regulation of promoting the development of a single digital market in the EU.

2. Encouraging innovation and new business models

The GDPR allows for local derogations in certain fields, such as health data. But without consistency on key areas, such as the definition of personal data, businesses – and in particular SMEs – may not survive without a legal team in place to keep up with inconsistencies.

3. Cutting costs while ensuring legal certainty and cross border data flows

Complicating mechanisms, such as the one-stop-shop  introduced by the European Commission to clarify and simplify compliance requirements for global companies that process data in several EU member states, would bring legal uncertainty to both companies and people. Doing so would compromise the goal of the one-stop-shop which offers a sound opportunity for cutting costs and encouraging streamlined non-bureaucratic rules.

At ICC, we know that business expertise and knowledge is vital for data protection. Businesses are the innovators and producers of technology and digital infrastructure representing an invaluable pool of expertise for policymakers.

As the world business organization, ICC presented the views of global business at a January hearing on France’s implementation of the EU GDPR at the National Assembly.

As privacy is both subjective, and tied to the cultural and legal context of the jurisdiction, harmonization can be difficult to obtain. Yet the GDPR aims to do exactly that. A central goal is to encourage a more effective, accountable and less administratively burdensome data privacy regime for Europe.

Read more, in French,  about France’s implementation of the EU GDPR at the National Assembly.