The officials in Brussels have insisted that the new data protection law GDPR does not apply to European Commission unlike to companies and governments.
The Data Leak on EU’s Website
It comes as a shocking revelation for us after an embarrassing leak of personal data of hundreds of EU citizens by the European Commission (EU) itself.
In an embarrassing fiasco, the leak includes names, postal addresses, email details, and professions of almost 700 EU citizens.
Along with this, in some cases, even postal codes and addresses of British citizens were revealed.
It can be easily accessed online at European Commission’s official website Europa.eu in Excel spreadsheets uploaded in 2013.
A data protection expert from a law firm based in London focussed on the irony of the European Union’s admission. He said that the breach has raised some serious questions about the general level of compliance and whether any other similar disclosures were made. He also stated, “Although the information disclosed here does not appear to be particularly sensitive, it does raise questions about the general level of compliance, and whether any further inadvertent disclosures have been made”.
If any other organisation had leaked such data, it would have been breaching of regulations set under GDPR, and it would have meant the said organisation might have had to face penalties reaching up to 4% of global turnover or 20 million euros.
Another security expert from California based company remarked the EU’s data leak as “embarrassing” coming so soon after GDPR implementation.
Just hours after the implementation GDPR, many websites went offline, and there were allegations that Facebook and Google had already breached the data.
Why doesn’t GDPR apply to EU?
The EU official has stated that European institutions are the separate entities and GDPR does not apply to them citing “Legal Reasons”.
What will EU do to protect My Personal Data?
It is understood that EU officials will follow a new law similar to GDPR, but it won’t come into effect probably until the October of this year.
You may also like to Read: 5 Things to Consider if you are not GDPR Ready