Web firms face a strict new set of privacy rules in Europe -- here’s what to expect

The European Parliament has overwhelmingly passed a large package of laws intended to strengthen data protection -- that’s “privacy” in non-legalese -- across the European Union.

The data protection regulation, passed by members of the European Parliament (MEPs) by 621 votes to 10 with 22 abstentions, was proposed by EU Justice Commissioner Viviane Reding just over two years ago as a way of harmonizing data protection law across the 28 member states.

The next Parliament will need to take this over after the May election, and Europe’s governments still need to give their approval through the European Council, but it looks like web firms operating in the EU are about to face a very different regulatory landscape. This would include much higher fines for breaches of data protection law in the EU, the limited right for citizens to demand the erasure of their personal data, and strict limitations on what can be done with EU citizens’ data outside the union. A separate resolution passed could also lead to difficulties for US firms in handling the personal data of Europeans.