The GDPR and the Energy Sector

FSR Energy Union Law Webinar Series with Hielke Hijmans (Centre for Information Policy Leadership and Brussels Privacy Hub)

In this webinar, Hielke Hijmans analyses the GDPR and its potential impact on the energy sector.

The new European Data Protection Regulation (GDPR), applicable as of 25 May 2018 in all Member States, has heralded a major reform of the EU data protection framework. Designed to harmonise data privacy laws throughout Europe, to protect and empower EU citizens’ data privacy and to reshape the way organisations across the region – both public and private – approach data privacy, the new set of rules have posed considerable challenges of compliance across the sector. So, what does the regulation introduce, and what are the implications for the energy sector?

Seven years in the making, the new regulation replaces the Data Protection Directive 95/46/EC which, up to this point, had set the minimum standards for processing data in the EU. With the GDPR, several rights have been considerably strengthened – individuals will have greater power to demand companies to reveal or delete personal data being held; regulators will be able to work in concert across the EU for the first time on this issue as opposed to having to launch separate actions in each jurisdiction, and with far more punitive consequences. Given that energy companies are increasingly becoming data companies, harnessing energy data and personal data as a tool for energy efficiency mechanisms, the impact on the energy sector will be wide-ranging.