ICO warns about misinformation concerning EU data protection law
Elizabeth Denham, the Information Commissioner, has asked UK businesses to be careful, as the information available about the new General Data Protection Regulation may not necessarily be true. She assured businesses that they will not be fined for minor infractions, and they should not worry that the maximum fine for not conforming to the General Data Protection Regulation will become the norm.
While Ms. Denham acknowledged that those dispensing information, both written and verbal, about the new data protection law have mostly got their facts right, there is still misinformation floating around that has the potential to convince businesses that it is the truth.
One example is the myth that the new data protection law will prevent dentists from calling up their patients to remind them about their appointments. Another example that Ms Denham provided concerns the misinformation that the law requires businesses to report all breaches and that the large fines will be used by the ICO to fund its work and research.
Ms Denham believes that the misinformation about the EU’s data protection law has the potential to take focus away from the law, which assures businesses and consumers more transparency, makes businesses more accountable and ensures that consumers’ rights are protected.
The Commissioner stated that she will be publishing several blogs to make sure that businesses and citizens understand the new law, and she hopes that this will help businesses in the UK comply with the law before it comes into force on 25th May 2018.
Ms Denham also pointed out that the law is not related to fines. Rather, it is about putting the rights of consumers first, and organisations in the UK should not lose sight of this fact.
While it is true that the fine limit of £500,000 has been set by the new data protection law, the ICO has the authority to impose larger fines, something that businesses are fearful of.