Euro commissioner tells Facebook it has nowhere to hide
Offshore servers no defence, Reding tells El Reg
Cookies and milk for Santa Claus
The European data protection law plans are seen by UK Justice Secretary Ken Clarke as a dangerous move with the potential to compromise freedoms and security.
He lambasts Reding's "one size fits all" approach and says that "imposing a single, inflexible, codified data protection regime on the whole of the European Union, regardless of the different cultures and different legal systems, carries with it serious risks."
The commissioner rejects his comments. "I have not understood the criticism very well because the problem which UK companies have here is that if they want to conduct business in France or in Germany, they have to adapt to a different set of complicated and costly rules," she says.
"The British point of view to open the internal market has not changed. If you are an island and you want to take advantage of the European markets then you do not want to have the rule barriers in place."
Reding cites lots of examples where the so-called "one size fits all" model works within the legal framework of Europe.
"On mobile phone roaming prices the market was taking advantage of the still existing barriers," she says. "Making a lot of money off the back of those citizens who decided to go cross-border."
"I always meet people who are astonished that Christmas is on the 25th of December. I always encounter governments that are astonished that a law that has been voted for two or three years before has to be applied on that date… That is not just on the cookies, but a general problem, which I have normally.
"This decision doesn’t come out of the blue. That was the Council of Ministers plus the European Parliament who had done this together… You decide something, you apply it. If you don’t we bring the country to the court."
Reding is unable to comment on what this means for the UK government, which freed up web owners in Britain from the burden of implementing the changes requiring websites within the EU to obtain a visitor's consent to install a cookie in their browser. It effectively deferred enforcing the law for one year.
"It's much too early to say [on UK] as it’s only some days into the law," she says. "I have already spoken to ministers here [and told them] that Christmas is on the 25th."
Elsewhere, the EC is already taking legal action against the UK government for alleged failures over regulating Phorm and for lacking proper data protection laws. The Commission believes the green light given for BT's use of the web monitoring software without gaining prior consent from its customers is illegal.
It's unclear if the UK Home Office's recent plans to change the Regulation of Investigatory Powers Act (RIPA) to demand full consent to monitoring of individuals' private communications will appease Brussels regulators.
But with the case remaining "under investigation", Reding tells us that she's unable to provide further comment on the matter.
More generally she points out that "there is a big business on selling information, but people are not aware of it".
She says they are "very naive, very often. Informed consent means they know their data can be sold to a third party for this and this utilisation."
But Reding wants that decision to be in the hands of the individual, while still allowing companies to use methods such as targeted advertising, which she sees as "an interesting business model".