It's taken three years to negotiate the demands and wording and will need another two years to be implemented across all states, but the EU will soon have a new, modern data protection policy, to update the current clunky 1995 model that still thinks cookies are primarily an Americanised biscuit.
The full text of the proposed new laws can be read here [PDF], with the general gist being more of an emphasis on the rights of the individual to export and delete data, plus stricter guidelines on what we can expect of the Internet giants who dominate our privacy.
Key cornerstone rules include a universal right to be forgotten that covers all major companies, parental consent to allow children to use social media, stronger guidelines on data portability so we can flip-flop between SIMs more easily, and a requirement for companies involved in data breaches to notify the authorities as soon as they are made aware that something is wrong.
MEP and discussion lead Jan Philipp Albrecht said: "In future, firms breaching EU data protection rules could be fined as much as 4 per cent of annual turnover -- for global internet companies in particular, this could amount to billions. In addition, companies will also have to appoint a data protection officer if they process sensitive data on a large scale or collect information on many consumers."
In short, the words we don't read will be a bit different in 2018, and the tech titans might need to hire a few more data specialists to cope with the extra demands about to be placed upon them and any third-parties they farm collation and aggregation out to. [EPN via TechCrunch]