Feeds

Data Protection Directive revamp: UK looking sidelined?

Economic protectionism could mean more than privacy

New hybrid storage solutions

Opinion The EU Justice Commissioner Viviane Reding, Vice-President of the European Commission, and the German Federal Minister for Consumer Protection, Ilse Aigner, have come forward with a joint statement claiming that proposals to reform the 1995 Data Protection Directive will be published by the end of January 2012.

It is clear that their promise “to achieve a robust data protection framework for Europe's internal market that can successfully address the challenges of today's digital world” is at odds with the UK view that there is little to change.

The joint statement says the following:

Data protection is highly relevant for consumers and businesses regardless of borders. It therefore needs to be addressed at the European level, through high, common European standards with global appeal. The Lisbon Treaty provides Europe with a unique opportunity to modernise and strengthen data protection rules now. We both believe that as a result of this reform process, consumers in Europe should see their data strongly protected, regardless of the EU country they live in and regardless of the country in which companies, which process their personal data, are established

The relatively weak data protection regime “enjoyed” by UK citizens following Durant appears to coming to an end.

We both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market. This also applies to social networks with users in the EU. We have to make sure that they comply with EU law and that EU law is enforced, even if it is based in a third country and even if its data are stored in a 'cloud' [my emphasis].

This will not appeal to USA companies selling services into Europe. I expect the USA to argue that the European Union is practising economic protectionism justified in terms of a bogus privacy requirement. Facebook is also on notice to reform its privacy practices.

In modernising the EU's data protection rules, we believe that consumers must be more empowered than they are today. Users should be in control of their data. This is why in our view, EU law should require that consumers give their explicit consent before their data are used. And consumers generally should have the right to delete their data at any time, especially the data they post on the internet themselves [my emphasis].

Quick memo to marketing department. Please note that “explicit consent” is not an “opt-out” – lots of love, data protection officer! Also the right to delete is almost as impracticable as a right to forget (see references); it is not the way to deal with this issue.

We will work closely together to make sure that the modernisation of the EU’s data protection rules addresses these issues and that the EU’s data privacy principles are turned into a reality for consumers and businesses everywhere in Europe.

Note that the above commentary is limited to business personal data and does not include anything about extension of a new data protection directive to law enforcement. Reading the runes, I think this means that new data protection regime could well become split into two: one component relating to upgrading Directive 95/46/EC without the law enforcement and another component dealing with just the law enforcement elements.

This in turn increases the prospect of a regulation just to upgrade Directive 95/46/EC, as the contentious law enforcement extension has been separated off for detailed discussion in a further initiative.

Also politically, I sense that the UK is in a weak position as euro-zone ministers are getting fed up with the barracking comments from UK finance ministers to “get your house in order”. I am beginning to wonder whether the Euro-sceptic tone from the UK means that any UK view on European data protection standards will be quietly sidelined.

Indeed, one way that Sarkozy, Murkel et al “can get pay-back” from the UK is to impose Euro-standards of data protection, by regulation, on the UK. After all, it won't cost them a penny but they know it would sure upset the Brits.

References

UK government's position on data protection.

Commission’s view of what is wrong with the UK’s implementation of the Data Protection Act (PDF).

Reding and Aigner's statement is here.

This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.

New hybrid storage solutions

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.