Feeds

Google ECJ case: No commish, it means we don't need right-to-be-forgotten rewrite

Reding claims ruling serves as 'strong tailwind' for her draft bill. Really?

Reducing security risks from open source software

Comment Brussels' Justice Commissioner Viviane Reding claimed that today's EU Court of Justice's landmark search engine case, which stunned Google, served as a "strong tailwind" for her draft rewrite of the 28-member state bloc's 19-year-old data protection rules.

But is she being a little optimistic?

As I noted earlier today, the judges reached their conclusion that Google and other search engines can be held responsible - in certain circumstances - for the type of personal data that appears on their results pages based on existing laws in the 1995 Data Protection Directive.

One might therefore wonder how necessary it is for Reding's campaign for the "right to be forgotten" online to be written into EU legislation.

The European Commission's vice-president took to her Facebook page to celebrate the ECJ judgment by rightly noting that it was "a clear victory for the protection of personal data of Europeans".

Reding reiterated the opinion she expressed to me back in 2011, by saying that "companies can no longer hide behind their servers being based in California or anywhere else in the world."

Google is indeed licking its wounds, having apparently been caught by surprise with the ruling, which unusually went against an Advocate General viewpoint submitted to the top EU court in June last year.

But Reding's insistence that the "judgement is [a] strong tailwind for the data protection reform", first tabled in January 2012, is a bit of a fudge of the facts as they are now laid before us.

Despite best efforts to push her draft Data Protection bill through this Parliament, Reding failed. Instead, her proposals underwent thousands of amendments before MEPs threw their support behind the DP directive overhaul.

But, significantly, the bill is actually only about two-thirds of the way there. Crucially, the EU's main decision-making and legislative body, the Council of Ministers, is yet to submit its views on Reding's Data Protection Directive plans.

A separate one-stop shop measure written in the draft law was attacked late last year by the European Council's legal service chief, who questioned whether it was lawful, opining that it might breach European citizens' human rights.

The European Council has no powers to pass laws, but it does influence the political agenda in the EU.

Reding argued, following the judgment:

The data belongs to the individual, not to the company. And unless there is a good reason to retain this data, an individual should be empowered by law to request erasure of this data.

The ruling confirms the need to bring today's data protection rules from the "digital stone age" into today's modern computing world where data is no longer stored on "a server", or once launched online disappears in cyber-space.

This is exactly what the data protection reform is about: making sure those who do business in Europe, respect European laws and empowering citizens to take the necessary actions to manage their data.

Today's ruling against Google - some EU nation states might conclude - proves that measures that help tighten privacy rights for citizens already exist, so why bother with a rewrite? In which case, did Reding's campaign for the "right to be forgotten" just suffer a major blow?

Back at the start of 2012, when the commissioner first tabled her draft bill, the UK's then Under-Secretary of State at the Ministry of Justice, Crispin Blunt, said: "We should look to better understand each other and our respective laws rather than unpicking enduring principles and introducing an entirely new, and quite possibly impractical regulatory framework."

That note of caution resonates even more strongly now. ®

Maximizing your infrastructure through virtualization

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.