The Proposed EU Data Protection Regulation: Historic Privacy Framework or Swiss Cheese?
What a week for the proposed EU data protection regulation. Here is a roundup we’ve put together highlighting the various initiatives and concerns with this hugely important, but contentious legislation. European Data Protection Supervisor Peter Hustinx is concerned that if the regulation isn’t passed before the expiration of the current European Parliament, then “serious repercussions in terms of economic development” will ensue, and MEP Jan Philip Albrecht has warned that the EU may end up with a data protection regime that will be weaker than the 1995 directive.
With serious concerns by some about the level of lobbying efforts by U.S.-based tech companies, the U.S. government and the advertising industry, a coalition of privacy advocates has banded together with the intent of educating and convincing citizens to contact their representatives and demand strong data protection legislation. The tone and tenor of the data protection debate on both sides shows how contentious privacy has become.
Here’s a brief video from the group:
It would take thousands of words for me to describe the complexities and nuances that may have been glossed over or summarized in such a short video. But, regardless of what side of the debate you're on, what has become clear is that privacy and data protection are at the forefront of the global policitcal debate. Some have even warned that a proposed EU-U.S. trade agreement would allow U.S. tech companies to sidestep the data protection regulations, while others, such as Christopher Wolf, are seeing the potential convergence of trade and privacy law. Wolf also shared some of what he's hearing about the proposed regulation "out on the Rue."
For some skeptics, claims on the technical feasibility of the right to be forgotten have been called into question, not to mention the public interest in maintaining certain information indefinitely (think about a politician’s resume). On this very blog, an archivist expressed her concerns on what the right to be forgotten could have on historical archives and research. Plus, those lobbying for a more “flexible” regulation argue that prescriptive measures will hamper innovation and the dynamism brought on by rapidly improving technology.
And Europe is certainly not homogenous—the UK tends to see things differently than Germany, for instance. As Timothy Toohey, CIPP/US, CIPP/E, recently told The Privacy Advisor, “there is a wide gap between the UK ICO’s views and those of data protection authorities in other EU member states. Even within certain countries, like Germany, which has strong traditions of data protection within individual German states, there are significant differences in attitude towards the proposed regulation.”
With such a huge piece of legislation hanging in the balance, it’s no wonder the final vote in the European Parliament Civil Liberties Committee has been temporarily delayed.
It will be interesting to see how this plays out. Will big business get their softer, gentler regulation? Or will the video’s warning come true: “When the lobbyists are done with this law, the only thing that will remind you of data protection is the title of the law”?
About the Author
As editor of the Privacy Perspectives, Jedidiah Bracy moderates the many views, angles and, well, perspectives that inform information privacy and all its adjacent professions.
In addition to editing the Privacy Perspectives, Bracy facilitates the vetting, writing, editing and curation for the Daily Dashboard, the IAPP Canada Dashboard Digest, the IAPP Europe Data Protection Digest and the IAPP ANZ Dashboard Digest. He writes feature articles for The Privacy Advisor on information privacy law, data protection and the privacy profession.
When not mulling over the current state of information privacy in the digital age, Bracy enjoys watching international soccer, listening to his music library and tasting a finely wrought craft beer. You can follow him @jedbracy