Protecting data and respecting user privacy are of major importance to AT Internet. Today, many changes are taking place in the realm of data privacy, whether in Europe, in North America, or elsewhere around the globe. What are the latest changes, and what’s set to come next? And what impact will these developments have on your digital analytics data and solution?


Adoption of the European GDPR regulating the collection and processing of data:

The major news in the Privacy world in recent weeks is the adoption of the General Data Protection Regulation (GDPR), officially published on May 4, 2016. This European regulation aims to standardise the rules and requirements regarding data privacy and protection, and will be directly applicable in all European Union member countries two years after the publication date. Before this reform was adopted, the legislation in place dated back to 1995 and therefore needed to be updated in order to keep pace with technological evolution.


So, what will change with respect to the previous directive? Broadly speaking, the right to be forgotten is affirmed, and it will be mandatory to obtain explicit consent from a person in order to use any of their data. Finally, the data controller must inform the competent supervisory authority in case of data breach about the nature of the breach, the type of data involved, and the number of people affected. This regulation will apply to many different bodies: any economic stakeholders (companies) and any social stakeholders (authorities/administrations, unions, local governments, associations…) that handle data.


The regulation also defines heavy sanctions (fines of up to 4% of total global annual revenue/turnover!) for any companies who do not comply with these obligations once the two-year compliance period is up (after May 25, 2018).


Go further, learn more:


The EU-US Privacy Shield: Where do things stand?

Another major subject in the news is the introduction of a new agreement – a priority for American and European lawmakers after the European Court of Justice ruled the Safe Harbor agreement “invalid” in October 2015. Safe Harbor enabled 4,000 companies to transfer European users’ data to the United States. Going forward, Europe’s data protection authorities must examine the validity of data transfers that are submitted for their review, while taking into account the situation in the United States, which does not offer adequate protection in terms of data privacy: the Safe Harbor agreement was deemed invalid due to the American government’s surveillance practices, which threatens the protection of European citizens’ data.


privacy shield agreement Europe United States data protection


This new agreement, the Privacy Shield, is currently being negotiated between European and American authorities, and a result is expected in June 2016. How will it be different from Safe Harbor? According to current negotiations, this new agreement would offer stronger protection for European citizens’ rights than Safe Harbor did. Europeans would have several redress options in cases where their data rights were infringed by American companies. Additionally, this agreement will be reviewed every year. American companies will be subjected to more stringent obligations, and will be directly monitored by the U.S. Department of Commerce. The European Commission revealed the Privacy Shield’s major principles on February 29. This agreement is a consensus between business concerns for American companies and data protection for European users.


So what’s the holdup?

Isabelle Falque-Pierrotin, chair of the Article 29 Working Party (WP29) (the European group composed of data protection authorities from each EU member state) and president of the CNIL (France’s data protection authority), has criticised the text’s complexity and certain contradicting points. The taboo subject of surveillance by American agencies was also brought up, and is the subject of negotiations aiming to define the framework of this surveillance, which remains unclear for the moment. The project has also been criticised by European privacy rights activists like Max Schrems, whose lawsuit against Facebook eventually led to the annulment of Safe Harbor, as well as numerous politicians who say the agreement grants too much leeway to American intelligence agencies.



The text issued on February 29 was therefore a first necessary and significant step, but one that remains insufficient, according to many.


Learn more:


Go further: How can you stay updated on privacy issues?

To stay abreast of the latest developments in the data privacy world, it’s important to keep your eye on the right sources. Follow news and updates from your country’s data protection authority, if it exists. You can also follow the topic on social networks and on the web using alerts, but generally speaking, the most trustworthy information will come from official sources. Try checking out:


What impact do these new measures have on AT Internet’s digital analytics solution?

For many years, AT Internet has practiced a policy of transparency regarding data collection and user privacy. All collected data is securely stored on our proprietary servers in France (and is therefore subject to French and European legislation). As a result of the CNIL’s (French data protection authority) trust in our solution and our policies, users of our solution in France may be exempt from obtaining visitor consent for the placement of audience measurement cookies. To learn more about AT Internet’s privacy policy, please see our website.


We’re always looking out for the latest developments on privacy and data protection, and want to help our customers and readers do the same. With this in mind, we’ve partnered with expert Aurélie Pols to bring you a special White Paper that examines privacy principles and best practices for applying them within your organisation:


Webinar Data Privacy rediff

A digital marketing addict, Dimitri joined AT Internet’s team in February 2016 as a Digital Marketing Assistant for 6 months. He works on subjects like social media optimization, SEO, inbound marketing, and the optimization of AT Internet’s blog and website. He is currently finishing his second year of studies at the Bordeaux ESCEN (business school) in the Web Business Bachelor’s program.

Comments are closed.