Feeds

Data Protection Directive revamp: UK looking sidelined?

Economic protectionism could mean more than privacy

Internet Security Threat Report 2014

Opinion The EU Justice Commissioner Viviane Reding, Vice-President of the European Commission, and the German Federal Minister for Consumer Protection, Ilse Aigner, have come forward with a joint statement claiming that proposals to reform the 1995 Data Protection Directive will be published by the end of January 2012.

It is clear that their promise “to achieve a robust data protection framework for Europe's internal market that can successfully address the challenges of today's digital world” is at odds with the UK view that there is little to change.

The joint statement says the following:

Data protection is highly relevant for consumers and businesses regardless of borders. It therefore needs to be addressed at the European level, through high, common European standards with global appeal. The Lisbon Treaty provides Europe with a unique opportunity to modernise and strengthen data protection rules now. We both believe that as a result of this reform process, consumers in Europe should see their data strongly protected, regardless of the EU country they live in and regardless of the country in which companies, which process their personal data, are established

The relatively weak data protection regime “enjoyed” by UK citizens following Durant appears to coming to an end.

We both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market. This also applies to social networks with users in the EU. We have to make sure that they comply with EU law and that EU law is enforced, even if it is based in a third country and even if its data are stored in a 'cloud' [my emphasis].

This will not appeal to USA companies selling services into Europe. I expect the USA to argue that the European Union is practising economic protectionism justified in terms of a bogus privacy requirement. Facebook is also on notice to reform its privacy practices.

In modernising the EU's data protection rules, we believe that consumers must be more empowered than they are today. Users should be in control of their data. This is why in our view, EU law should require that consumers give their explicit consent before their data are used. And consumers generally should have the right to delete their data at any time, especially the data they post on the internet themselves [my emphasis].

Quick memo to marketing department. Please note that “explicit consent” is not an “opt-out” – lots of love, data protection officer! Also the right to delete is almost as impracticable as a right to forget (see references); it is not the way to deal with this issue.

We will work closely together to make sure that the modernisation of the EU’s data protection rules addresses these issues and that the EU’s data privacy principles are turned into a reality for consumers and businesses everywhere in Europe.

Note that the above commentary is limited to business personal data and does not include anything about extension of a new data protection directive to law enforcement. Reading the runes, I think this means that new data protection regime could well become split into two: one component relating to upgrading Directive 95/46/EC without the law enforcement and another component dealing with just the law enforcement elements.

This in turn increases the prospect of a regulation just to upgrade Directive 95/46/EC, as the contentious law enforcement extension has been separated off for detailed discussion in a further initiative.

Also politically, I sense that the UK is in a weak position as euro-zone ministers are getting fed up with the barracking comments from UK finance ministers to “get your house in order”. I am beginning to wonder whether the Euro-sceptic tone from the UK means that any UK view on European data protection standards will be quietly sidelined.

Indeed, one way that Sarkozy, Murkel et al “can get pay-back” from the UK is to impose Euro-standards of data protection, by regulation, on the UK. After all, it won't cost them a penny but they know it would sure upset the Brits.

References

UK government's position on data protection.

Commission’s view of what is wrong with the UK’s implementation of the Data Protection Act (PDF).

Reding and Aigner's statement is here.

This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Big Content outs piracy hotbeds: São Paulo, Beijing ... TORONTO?
MPAA calls Canadians a bunch of bootlegging movie thieves
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
Hungary's internet tax cannot be allowed to set a precedent, says EC
More protests planned against giga-tariff for Tuesday evening
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.