English
עברית
Français
Deutsch
Русский
Español
简体中文
日本語
Dutch
Türkçe
Language
English
עברית
Français
Deutsch
Русский
Español
简体中文
日本語
Dutch
Türkçe
Home
About us
About us
CV at a glance
Global reach
Pro Bono
What we do
Practice area
The team
Knowledge center
Insights & News
Client updates
Credentials
Doing business in Israel
Join us
Contact
Barnea Blog
© All rights reserved to Barnea Jaffa Lande Law offices

Home · Barnea Blog · Internet · GDPR – Why Should We Care about It?
Blog Homepage >
05/28/2018
by Barnea
         
AI Regulation
Antitrust and Competition
Banking & Finance
Blockchain
Capital Markets
Corporate
Employment
Enforcement
Enforcement/white collar
High Tech
Infrastructure
Internet
Kibbutz Sector
Litigation
National Insurance Institute (NII)
Private Clients
Real Estate
Regulation
Start- Ups
Tax
White Collar

GDPR – Why Should We Care about It?

GDPR – Why Should We Care about It?

What Is GDPR?

The General Data Protection Regulation (GDPR) is an EU regulation entered into force on May 25, 2018. One of the purposes of the GDPR is to help people better control their personal data. The regulation applies to all companies established in the EU, as well as to anyone offering products or services to people in the EU even without any presence in the EU, which is why major websites are updating their privacy policies to comply with the GDPR.

 

Why Is This So Important?

 

Administrative sanctions according to the GDPR

These sanctions are set at extremely high levels. Sanctions may be as high as 10 million euros, or 2% of worldwide annual revenue of the prior financial year if higher, for breaches related to technical measures: impact assessments, not having a qualified data controller, etc. For noncompliance with key provisions, the maximum fine is 20 million euros, or 4% of revenue. Although it is reasonable to assume smaller companies may face lesser sanctions, the levels are still such that some may be unable to pay. Non-monetary sanctions, such as reprimands or temporary bans on processing data, may also be applied.

 

Civil litigation by data subjects, including class actions 

The regulation, quite simply, makes it easier for data subjects to sue you. This may result in the expense and inconvenience of fighting a lawsuit in Europe. Civil suits may also add financial burden on top of fines already being levied.

 

Possible penal exposure on account of laws in the Member States 

Some Member States are creating laws that will add further penalties on top of EU regulation to companies found noncompliant. This may result in higher fines or other legal difficulties that might, for example, cause complications for company officials who need to travel to and within Europe.

 

EU business partners refusing to work with noncompliant businesses 

In order to protect themselves from administrative sanctions, some businesses may demand a standard of compliance before they agree to work with you. For instance, the regulation makes it specifically illegal to transfer personal data outside the EU without adhering to a set of provisions, including proper contractual arrangements.

 

Difficulties and reduced valuation for IPO, investment, and exit 

 

Even the appearance of noncompliance may make investors unwilling to put money into a company or purchase its shares. The same goes for initial public offerings.

 

The Bottom Line

In other words, you must make sure you are compliant with the GDPR if it applies to you. If needed, you should request advice from a lawyer or a specialist with expertise in data protection law and practices.

 

***

We advise on a wide variety of privacy matters, including GDPR compliance. Barnea offers a full spectrum of services to get your organization fully compliant with the GDPR. Feel free to contact us for further guidance.

 

Source: barlaw.co.il

Enter your email for newsletter sign up: