The European Union has finally agreed upon data protection laws that will impose huge fines on companies.
Companies will be faced with fines of up to 4% of global revenue if they are found to be misusing personal data. This could potentially result in billions of dollars in fines for companies such as Facebook or Microsoft.
In addition to the hefty fines, it has been agreed by the European Commission that companies will be forced to report any data breaches.
Debates had been on-going for four years regarding replacing the patchwork of national laws that have been in place since the 1990’s.
In order to make operating across the 28 member states of the EU easier for companies, the law will establish a single regulator for multi-nationals in the country where they have a European headquarters.
Another important element of the law is the right to be forgotten. Businesses will now have to get people’s explicit consent to use their data and appoint a data protection officer to oversee privacy issues, something that could impact start-ups with small budgets and teams.
Right to be forgotten will be enshrined so as to give EU citizens the right to have information about them deleted from the internet.
Andrus Ansip, Vice-President for the Digital Single Market, said that the "agreement is a major step towards a Digital Single Market. It will remove barriers and unlock opportunities.
"We should not see privacy and data protection as holding back economic activities. They are, in fact, an essential competitive advantage."
The agreement still needs to go through final stages of endorsement by the European Parliament and EU member states, which is expected to happen early next week.