McGrath signals easing of GDPR obligations for some businesses

By Cillian Sherlock, PA

GDPR rules are on track to ease for some smaller businesses in a bid to improve competitiveness in the European Union, the EU Commissioner has signalled.

The General Data Protection Regulation introduced hundreds of pages of new requirements for businesses dealing with personal data of EU citizens.

It was designed to ensure that personal data should generally only be stored where there is a lawful basis, such as through consent or under a legal obligation.

It imposed a series of obligations on businesses around data storage and protection, as well as privacy rights.

Fines for GDPR violations can be significant.

The regulation has sometimes been criticised by some businesses as being a barrier to growth and innovation, on top of carrying onerous record-keeping obligations.

One of the most noticeable changes brought about by GDPR are the familiar pop-up consent forms for advertising and functional cookies when visiting websites.

However, proponents of the regulation argue that it offers improved data and privacy rights for citizens.

Asked if the Commission was considering easing the rules to enhance competitiveness for business, Michael McGrath said GDPR will feature in a future omnibus package.

Speaking during a visit to Dublin, he added: “We have already brought forward the first round of omnibus proposals, and they have to make their way through the legislative process over the period ahead.

“We are examining the impact on SMEs and smaller organisations in relation to the record-keeping obligations, for example, so we’re looking at that specifically.

“And yes, there will be a proposal in relation to GDPR that will be part of the forthcoming omnibus package.”