MEPs approved new EU privacy rules today (14 April), including a regulation on consumer privacy that attracted the aggressive ire of lobbyists during its four-year run through negotiations in the European Parliament.
The new data protection regulation drew a total of 3,999 amendments from MEPs, topping all other pieces of legislation in the Parliament’s history, a spokesperson confirmed.
German Green MEP Jan Philipp Albrecht (Bündnis 90/Die Grünen) said the number of amendments was a direct result of lobbyists of different stripes pushing changes on the bill.
“With those figures you can see that these questions of personal data protection are fundamental questions for tomorrow’s economic and legal framework, they’re not just technical questions,” Albrecht said when asked about the 3,999 amendments.
Albrecht said that in addition to working through the amendments with his assistants, he had to ask the Parliament to assign more staff members to the Civil Liberties, Justice and Home Affairs Committee (LIBE) to deal with the flood of requests to change the privacy bill.
Despite all the lobbying on Albrecht’s original draft, he calls the regulation that was passed today a “very good compromise”.
“It will have an impact on the world-wide global dimension of this field and the treatment of personal data,” he said.
The regulation is set to go into effect in 2018. A directive on data protection, which regulates public authorities use of personal data (not consumer data), was also passed today. Both laws were approved without a vote.
David Martin, senior legal officer at the European Consumer Organisation called the regulation’s passing “the opening of a new chapter for data protection in Europe, although not the end of the story”.
Albrecht agreed that there is still a lot of change needed to step up Europe’s privacy standards.
He called national intelligence agencies the “sleeping lion” and argued for an EU standard on their activities.
“I think the next big step is that we need to get it right with regard to the core of privacy and civil liberties in the digital society, which means we need to evaluate surveillance measures and adjust them to what we see as a liberal democracy,” Albrecht said.
Albrecht is also rapporteur on the so-called Umbrella Agreement regulating data transfers to the United States for law enforcement use, one of several privacy laws still pending in the Parliament.
The European Commission has announced it will propose changes next year to privacy rules that apply specifically to telecoms companies.
Lise Fuhr, director general of telecoms association ETNO, said today that it’s “urgent to reform the outdated ePrivacy Directive and make sure Europe unleashes new, innovative services to the benefit of European users”.
Background
Existing European rules on data protection were adopted in 1995, when the Internet was still in its infancy.
In January 2012, the European Commission published a vast legislative package aimed at replacing the existing rules and giving greater protection to personal data across the EU.
The package includes two legislative proposals: one general regulation on data protection (directly applicable in all the member states) and one directive specifically aimed at data protection in the police and the justice systems (to be transposed into national law).
Since then, the data protection debate took a new twist with revelations about US eavesdropping activities.
Whistleblower Edward Snowden revealed in 2013 that the NSA had secret wide-reaching authority to snoop on emails and internet communications using a data-mining programme called Prism.
European politicians reacted angrily to the news and called for stricter measures to ensure privacy.