Over the last 20 years Ireland has established itself as The Data Capital of Europe; with an impressive cluster of leading data rich companies serving Europe from Ireland; from Apple, Google, Microsoft, Facebook, LinkedIn, Twitter, Airbnb, with many investing in substantial data centre infrastructure around the Island.
Today data privacy issues are at the forefront for companies who handle European customer data. At a high level the General Data Protection Regulation (GDPR) will come into force from May 2018. This will mean uniformity of law for data protection across all EU member states. It should give greater clarity for both citizens and business. Legal folks will be able to get into the weeds on the detail of GDPR coming down the tracks and the Privacy Shield for managing data transfers between jurisdictions.
For CEO’s, CFO’s, CTO’s, Product engineers/architects/managers through to your teams marketing and selling to European customers this is what you need to know:
How important is Data Privacy in Europe?
Data Protection is enshrined in the EU Charter of Fundamental Rights; this holds comparable importance to the US constitution Bill of Rights. European customers, both B2C and B2B, will require and covet dealing with organisations with leading data practices.
Who does it apply to?
The new regulation applies to any business that is established in the EU or processes data of EU citizens, even if you have no physical presence in an EU country!
Not adhering to the law could result in substantial fines
Between 2-4 per cent of turnover, yes revenue. Getting Data Privacy wrong in Europe could be very costly. Reputational damage of not complying should also be considered; customers in Europe take data protection seriously.
Choose the right Data Protection Jurisdiction
GDPR establishes the role of lead supervisor ‘One Stop Shop’. Instead of dealing with all data protection regulators from individual member states, companies can now deal with a Lead Regulator. A company’s lead supervisory authority will generally be the Data Protection Commissioner in the EU country where the company has its main establishment. In selecting their lead data protection authority companies should look at where they have their central administration or where decisions about the use of data are made. If considering the United Kingdom, make sure to look closely at the potential ramifications from Brexit.
Privacy by Design
In many cases companies are looking at data privacy as a commercial opportunity; designing products that will both comply with the law as well as act as a key selling feature.
Data Protection has been given focussed attention from the Irish government; Ireland is the first country in Europe to establish a dedicated Minister for Data Protection, Dara Murphy, who has being engaging at national, EU and international level. Increased resourcing for the independent Irish Data Protection Commissioner (DPC) has allowed for a new unit specifically focussed on large multinational companies to be set up helping the DPC to be more engaged and effective in its interaction with multinationals. Plans for a Data Summit in June 2017 will further engage stakeholders and address best practices. The Irish Government’s commitment to data protection, while also supporting enterprise and innovation, further cement Ireland’s position as the Data Capital of Europe.
82% of companies Rate Ireland’s Data Regulatory climate as Good to Excellent