Included in this Data Issues Roundup: Publishers worried about the impact of the EU’s proposed ePrivacy Regulations; Survey finds more than half of UK small businesses are still unfamiliar with the GDPR; and more...

United Kingdom

Publishers worried about the impact of the EU’s proposed ePrivacy Regulations

Media attention has focused enormously on the GDPR recently, however many European publishers are fearing another privacy measure: the ePrivacy Regulation (EPR).

The current draft of the new EPR is much stricter than the current Privacy and Electronic Communications Regulations. Many publishers are worried that the proposed law will make it more difficult to acquire consent to use cookies for site analytics, reporting and advertising, restricting their ability to earn digital revenue. In May, publishers from news sources such as the Guardian and Financial Times, wrote to the European Parliament to express their concerns.

One of the main points of concern amongst the publishers is that the European Commission has suggested that browsers are gatekeepers, with users opting in or out of cookies in their browser settings. This will eliminate banners for permission to use cookies from the publisher's websites and put them at risk of being held to ransom by browsers being in control of the opt in and out settings.

Publishers are also worried about the platform effect, with some arguing that the new proposals will advantage walled gardens such as Google and Amazon. It is being argued that it is easier for these platforms to get consumers to opt in at scale, as they have masses of user login data and are able to communicate directly with users of their products. Publishers, on the other hand, often have to reply on third-party data.

Survey finds more than half of UK small businesses are still unfamiliar with the GDPR

A survey has revealed that more than half (55%) of the UK's small and medium-sized enterprises (SMEs) are still unfamiliar with the General Data Protection Regulation (GDPR). Knowledge of the EU data regulation is higher in larger businesses, however, 30% of company executives said that they still know little surrounding the GDPR.

The research also found that 18% of businesses would be at risk of insolvency if they had to pay the new, higher maximum fines allowable. Under the GDPR, breached organisations could face a dramatic increase in fines, with a maximum fine of £17 million or 4% of annual global turnover, whichever is higher. Current fines are set at a maximum of £500,000.

Across all UK businesses, it was revealed that lack of knowledge of GDPR was still high, with 27% of senior decision-makers unfamiliar with the upcoming changes. Real Estate and Construction seemed to be the worst performing sectors.

Other survey findings found that 57% senior management have little involvement with data protection, 23% of businesses have no data breach contingency plans in place and 34% have no plans to perform a risk assessment of data in 2017.

These results show that many businesses still have a long way to go before they are GDPR compliant in time for May 2018.

Russia's data storage law requires Russian personal data to be hosted on Russian servers

Russian news agencies have reported that Russia will block access to Facebook in their election year, unless the network complies with a law that requires Russian citizen data to be hosted on Russian servers.

According to the agencies, the threat originates from Russia's communications watchdog, Roskomnadzor, which blocked access to Linkedin's website last November in order to comply with a court ruling based on the same data storage law.

The Linkedin case set a precedent for the way foreign internet firms work in Russia. Roskomnadzor is now putting pressure on other companies to comply with the data storage law, which was approved by Vladimir Putin and came into force in September 2015.

Key Contacts

Helena Brown

Helena Brown

Partner, Commercial and Data Protection & Head of Data
Edinburgh, UK

View profile