“U.S. companies handling information about European consumers already are reeling from a decision to end a longstanding agreement allowing for easy transfer of data across the Atlantic. Now firms must determine how to comply with European Union data-privacy regulations that are closer than ever to going into effect.
Large firms already have been preparing for the new rules. “We have data about people in thousands of databases, some of which are legacy databases,” said Hilary Wandall, assistant VP compliance and chief privacy officer of Merck and Co, while speaking at a conference focused on the new EU privacy rules hosted by Truste in San Francisco on Dec. 8. “There are regulatory reasons why in many cases we actually have to keep data. So the actual requirement to erase data on people is fundamentally problematic,” she continued, noting the company sometimes needs to store data reflecting consumers’ opt-out requests.” – Kate Kaye, Advertising Age, December 18th 2015
Kate’s fascinating article covers GDPR from a totally different angle – that of the large, US based trans-national company with huge stakes in the British and European markets.
The problem with the GDPR is that data protection is it’s central theme, but with the free transfer of data necessary so many businesses now in jeopardy one must ask when data protection becomes data prohibition.
The reactions Kate cites in the article only confirm this.