Industrialists and diplomats have accused MEPs of rushing through data protection laws that they say would boost their electoral chances more than Europe’s economies, ahead of next year’s parliamentary elections.
At a data protection and privacy conference in Brussels Tuesday (17 September) organised by Forum Europe, policymakers and the information technology industry clashed over the timeline of the draft EU data protection law.
The draft regulation proposed in January 2012 (see background) is currently being negotiated among MEPs before a vote in the Parliament's civil liberties (LIBE) committe.
Paul Nemitz, director for Fundamental Rights and Citizenship at the European Commission’s DG Just, said that for those companies who take their customers serious as valuable partners and think about the future and what it means in terms of data protection the new rules will not be a big deal.
"If you are operating cross-borders, your life is likely to become easier. Why? Because in the future, we’ll have one law in form of a regulation rather than 28 implementing laws based on a directive and we will have a consistency mechanism," he said.
Nemitz added that everyone will benefit from the new rules and they will essentially be a boost to the economy and to the protection of the individual.
"I think we should all work together to get this act through the Council and the Parliament before the next Parliament elections and those who keep being bigoted and wanting changes, they may carry the responsibility that we will not be able to come up with this boost for the economy," the fundamental rights director stated.
The new rules propose to include provisions catering for the right to be forgotten, data portability and access to personal data.
Parliament marching on
Christopher Graham, the UK’s Information Commissioner, said he strongly supports the intention of the reform, the idea of a regulation and consistency.
"We want this thing to work. But there’s no good dismissing our very specific concerns about the detail of the regulation. It’s not fair to say that all the good guys who are in favour of growth are behind the regulators and those who are raising questions are somehow standing out against prosperity," Graham stressed.
It will be a big mistake if the Council, Commission and Parliament "just march on", Graham said, just to be done with the regulation before the elections.
"We have heard industry being dismissed for lobbying, but I’m very critical of the European Parliament now simply going into politicking mood. I don’t want to see a wrong regulation just because individual MEPs want to be on the critical point on their party list for next May," the Information Commissioner added.
Devil in the detail
Graham's views were backed by Jonathan Weeks, director for legal affairs in Europe, the Middle East and Africa at Intel. He emphasised that the devil is in the detail.
"I don’t think that we can just simply ‘do it’ and then hope for the best," Weeks said. "There are number of areas of concern around the draft document. Though it proposes a two-year implementation, my concern is that the moment with this ‘just do it’ attitude will come back at us if we just implement a document which isn’t thought through,"
“We need to have an organisation. We need to have a new text. That we have to look at 28 different regimes is not sustainable. I think we all want the same. The problem is how are we going to achieve this? From a business perspective, the importance is the definition. At this point we are still not very clear on some definitions," the Microsoft director said.
The European Commission published in January 2012 a broad legislative package aimed at safeguarding personal data across the EU.
The package consists of two legislative proposals: a general regulation on data protection (directly applicable in all member states) and a specific directive (to be transposed into national laws) on data protection in the area of police and justice.
The two proposals have been discussed extensively in the European Parliament and the Council and are due to be voted on by the Parliament in the near future.
The new rules propose to include provisions catering for the right to be forgotten, data portability and access to personal data. But deputies are struggling to agree on around 4,000 amendments, some directly copy-pasted from corporate entities into the draft, possibly stalling the orientation vote in the civil liberties committee again.
- 2013: Updated data protection rules continue to be negotiated by European Parliament and European Council
- 22-25 May 2014: Parliament elections
- EUR-Lex: Existing Data Protection Directive (24 Oct. 1995) [FR]
- European Commission: Proposed regulation revising data protection rules (25 Jan. 2012) [FR]
- European Commission: Proposed Directive on use of data by security institutions (25 Jan. 2012) [FR]
- US mission to the EU: Five Myths Regarding Privacy and Law Enforcement Access to Personal Information in the European Union and the United States (4 December 2012)
- US Department of Commerce: Informal paper on EU data protection overhaul (16 Jan. 2012)