'Donkey-tugging' EU data protection law backed by MEPs
Politicos call for bigger fines, FORGET about 'right to be forgotten' plea
MEPs voted for an overhaul to existing data protection laws in Europe late yesterday, after the parliament's civil liberties committee made nearly 4,000 amendments to Justice Commissioner Viviane Reding's draft bill.
The lawmakers, in recent months, have been lobbying for tougher controls in the wake of the PRISM/NSA scandal.
The European Parliament said that politcos had "inserted stronger safeguards for data transfers to non-EU countries" in direct response to "mass surveillance cases".
At the same time, one of the major tenets of Reding's bill has been watered down. The commissioner's "right to be forgotten" online plea has been tweaked in recognition of the fact that it is very difficult to completely remove potentially offensive or upsetting material about an individual from the internet.
Instead, the bill now calls for "a right to erasure" - wording that perhaps better reflects how web outfits control such content that can be easily copied and shared elsewhere online.
Meanwhile, MEPs beefed up Reding's initial demand that internet companies that break the rules would face fines of up to 2 per cent or €1m of their global turnover, whichever was greater.
They are now calling on 5 per cent of a firm's annual global turnover or - for smaller outfits - a penalty capped at €100m.
The European Parliament's general data protection regulation rapporteur Jan Philipp Albrecht said of last night's vote:
This legislation introduces overarching EU rules on data protection, replacing the current patchwork of national laws.
Parliament now has a clear mandate to start negotiations with EU governments. The ball is now in the court of member state [28 countries] governments to agree a position and start negotiations, so we can respond to citizens' interests and deliver an urgently-needed update of EU data protection rules without delay.
The data protection package is made up of two laws: "a general regulation covering the bulk of personal data processing in the EU, both in public and private sectors", and "a directive covering personal data processed to prevent, investigate or prosecute criminal offences or enforce criminal penalties".
It will now be scrutinised by member states and the European Commission with ambitious plans to get the legislation - intended to overhaul a 1995 law to make it "fit for the digital age" - approved by May next year, ahead of European Parliament elections.
Ad lobby group, IAB Europe, bemoaned the committee's amendments. The outfit's veep Kimon Zorbas said that the MEPs had "missed a critical opportunity to strike the right balance between the protection of European citizens’ fundamental rights to privacy and the promotion of innovation and growth. The European Parliament vote demonstrates just how detached Brussels is from commercial reality in Europe today".
While Google's global privacy counsel Peter Fleischer wrote a little story on his personal blog about two farmers bitterly feuding over the use of one donkey ... ®
Sponsored: Global DDoS threat landscape report