> The UK is also planning to legislate to remove the EU-derived requirement for the Data Protection Officer, as the person responsible for safeguarding an organisation’s users’ privacy rights, while simultaneously demanding under the OSB that companies appoint named individuals who are subject to personal arrests and criminal sanctions for failing to prevent bad things from happening on the internet.
*subject to personal arrests and criminal sanctions* seems like the limited liability companies no longer limit the liability.
I have a legal entity registered in Scotland. Seems like it might be time to wind that up and move it to another country. Where is a good company within the EU to registered?
This doesn't even seem like it'll accomplish what's intended.
The goal is to hold the company accountable, but it sounds like they just created legalized paid-fall guys.
If the government wants to pierce the limited liability veil, they should either go after the persons in the company either directly or ultimately responsible (eg the direct manager, or the C-suite). Letting the company decide who takes the fall just means they're going to foist it on some uniformed schmuck.
You get paid more for being on-call - now wait until you see the legaly-liable-for-the-entire-company bonus!
Limited liability companies in Ireland don't provide any protection against liability for criminal acts (nor do any countries), so I think the ideal would be to move to a jurisdiction where the act is not criminal or cease the criminal actions.
Well, the issue is, they made a company data protection issue criminal and not civil. It would be moving to a country where data protection is a civil matter in a day and age where data leaks happen on a regular basis.
> Where is a good company within the EU to registered?
Estonia for sure. Their e-residency scheme is fantastic and designed for people all around the world to register virtual companies, even if you don't have any presence in Estonia.
So if nothing is changing, why is it changing from a data leak being a criminal offence for an indivual from being a civil offence for the company? That seems like a massive change! Seems like the laws are changing!
Just to be clear, some poor sod is going to end up getting a criminal conviction because someone at the company they work for but don't own fucked up. You get a so-so paid job at a mega corp and end up with a criminal record because some guy in an office you've never been to did something. That is nuts.
Well the law is changing to make failure to carry out your responsibilities as a specific officer in a company a criminal offence. But that’s got nothing to do with a companies limited liability.
There are plenty of other positions in companies that come with similar personal criminal liability. They mostly only exist in finance industry, but the roles of CEO, CRO, MLRO etc in most financial institutions come with personal criminal liability.
The liability in these cases is usually tied to competence and knowledge. It’s illegal to be incompetent at your role, and it’s illegal to be ignorant of the activities of your company that fall within your roles responsibilities. The expectation is that individuals in this role will setup policy and monitoring frameworks to make sure that nobody is doing any stupid, that might result in them going to prison.
All of these requirements came into existence after the 2008 financial crisis, after it became apparent that senior leaders in financial institutions we’re keeping themselves deliberately ignorant of the misbehaviour of their companies, and creating a situation where nobody could be held responsible for the mess.
I’m not sure that age verification for website meets the bar needed for applying this approach here. But there are certainly places where it makes sense.
> Well the law is changing to make failure to carry out your responsibilities as a specific officer in a company a criminal offence. But that’s got nothing to do with a companies limited liability.
The law is changing so that the liability isn't limited to the company. That has all to do with the companies limited liability.
No it’s not. The law is changing to create new additional liabilities for people. The liabilities in question have never existed before, so it could never be limited.
If you commit an act of murder as a company agent, limited liability isn’t going to protect you. This law is simply saying that failing in your legal responsibilities as a specific company officer is a criminal offence. Just like committing fraud as a company officer, or failing to produce accurate accounts will also expose you to personal criminal liability.
> No it’s not. The law is changing to create new additional liabilities for people. The liabilities in question have never existed before, so it could never be limited.
GDPR, Data Protection Act, etc all exist. These are all leveled againist the company.
> If you commit an act of murder as a company agent, limited liability isn’t going to protect you. This law is simply saying that failing in your legal responsibilities as a specific company officer is a criminal offence. Just like committing fraud as a company officer, or failing to produce accurate accounts will also expose you to personal criminal liability.
Comparing data protection with murder is silly. The law is simply stating if you breach data protection laws it's now a criminal matter againist a person instead of againist a company, Massive difference. Especially, if you registered a company to make sure you're not personally liable for data protect breaches.
> Especially, if you registered a company to make sure you're not personally liable for data protect breaches.
And that's your mistake right here. A limited liability structure never protected you against wilfully breaking the law, or being criminally negligent, not when it came to murder, and not when it came to data protection. Just ask any engineer who signed off on a design that later turned out to be insufficient according to specification.
Data protection criminal charges used to be levied against random people within the company - and now they are focussed on the data protection officer (who criminally neglectfully abandoned their function if there is a breach).
If you are still confused about this concept, before you do more in the business structure world, it might be a good idea to talk to a lawyer and make them explain the difference to you.
> The UK is also planning to legislate to remove the EU-derived requirement for the Data Protection Officer, as the person responsible for safeguarding an organisation’s users’ privacy rights, while simultaneously demanding under the OSB that companies appoint named individuals who are subject to personal arrests and criminal sanctions for failing to prevent bad things from happening on the internet.
*subject to personal arrests and criminal sanctions* seems like the limited liability companies no longer limit the liability.
I have a legal entity registered in Scotland. Seems like it might be time to wind that up and move it to another country. Where is a good company within the EU to registered?