Feeds

Euro commissioner tells Facebook it has nowhere to hide

Offshore servers no defence, Reding tells El Reg

Intelligent flash storage arrays

Cookies and milk for Santa Claus

The European data protection law plans are seen by UK Justice Secretary Ken Clarke as a dangerous move with the potential to compromise freedoms and security.

He lambasts Reding's "one size fits all" approach and says that "imposing a single, inflexible, codified data protection regime on the whole of the European Union, regardless of the different cultures and different legal systems, carries with it serious risks."

The commissioner rejects his comments. "I have not understood the criticism very well because the problem which UK companies have here is that if they want to conduct business in France or in Germany, they have to adapt to a different set of complicated and costly rules," she says.

"The British point of view to open the internal market has not changed. If you are an island and you want to take advantage of the European markets then you do not want to have the rule barriers in place."

Reding cites lots of examples where the so-called "one size fits all" model works within the legal framework of Europe.

"On mobile phone roaming prices the market was taking advantage of the still existing barriers," she says. "Making a lot of money off the back of those citizens who decided to go cross-border."

But on the recent, widely-ignored ePrivacy Directive – that includes a requirement for businesses to be much more upfront about their use of cookies online – Reding expresses surprise about the lack of action from the EU's member states at the 27 May deadline.

"I always meet people who are astonished that Christmas is on the 25th of December. I always encounter governments that are astonished that a law that has been voted for two or three years before has to be applied on that date… That is not just on the cookies, but a general problem, which I have normally.

"This decision doesn’t come out of the blue. That was the Council of Ministers plus the European Parliament who had done this together… You decide something, you apply it. If you don’t we bring the country to the court."

Reding is unable to comment on what this means for the UK government, which freed up web owners in Britain from the burden of implementing the changes requiring websites within the EU to obtain a visitor's consent to install a cookie in their browser. It effectively deferred enforcing the law for one year.

"It's much too early to say [on UK] as it’s only some days into the law," she says. "I have already spoken to ministers here [and told them] that Christmas is on the 25th."

Elsewhere, the EC is already taking legal action against the UK government for alleged failures over regulating Phorm and for lacking proper data protection laws. The Commission believes the green light given for BT's use of the web monitoring software without gaining prior consent from its customers is illegal.

It's unclear if the UK Home Office's recent plans to change the Regulation of Investigatory Powers Act (RIPA) to demand full consent to monitoring of individuals' private communications will appease Brussels regulators.

But with the case remaining "under investigation", Reding tells us that she's unable to provide further comment on the matter.

More generally she points out that "there is a big business on selling information, but people are not aware of it".

She says they are "very naive, very often. Informed consent means they know their data can be sold to a third party for this and this utilisation."

But Reding wants that decision to be in the hands of the individual, while still allowing companies to use methods such as targeted advertising, which she sees as "an interesting business model".

Internet Security Threat Report 2014

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The hidden costs of self-signed SSL certificates
Exploring the true TCO for self-signed SSL certificates, including a side-by-side comparison of a self-signed architecture versus working with a third-party SSL vendor.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.