EU data protection reform
March 5, 2013
Current EU data protection laws date back to 1995 - the Stone Age in the digital world. So data protection laws need to be updated to include today's technologies: smartphones, e-commerce and social media. "Data has become more mobile and we have react to that," Nadja Hirsch, FDP Member of the European Parliament (MEP), told DW. But EU legislative reform can drag on for years. And no wonder for data protection, which is extremely complicated because it covers many areas and affects numerous economic interests. Last year, Viviane Reding, EU Commissioner for Justice Fundamental Rights and Citizenship, proposed reform of the EU's data protection rules. Since then, the European Parliament and its member states have been debating the issue heavily.
Who owns the data?
Data protection reform is mainly about strengthening the self-determination of the privacy and not limiting it, Reding said. She wants a higher degree of data protection, which would apply to service providers in the EU.
German Consumer Protection Minister, Ilse Aigner, supports Reding's proposal. "There cannot be any loopholes, for social networks or for app stores or online retailers. We need to make sure that EU law will apply even if providers have their headquarters outside the EU, or the data is stored in a 'cloud' somewhere else in the world," she said in a joint statement with the EU commissioner.
Companies shouldn't be able to make personal data available or create user profiles without their consent, the commission said. Also, users should have the right to be forgotten.
Too much protection bad for business
But the alarm bells are ringing for Christian Democratic Union (CDU) MEP Axel Voss, who is sitting in on the negotiations on behalf of the European People's Party parliamentary group. Too much data protection policy is bad for innovation and growth, he told DW in an email. Voss believes Internet giants have a tactical agreement with consumers at risk - they give their data to the companies to get free services. Too much data protection and you risk heading towards a "user-pays internet." Users could have to pay subscription fees of 20 to 40 euros ($26 to $52), which have been free, according to Voss.
"People are not interested in extreme data protection policies, because they will be affected later on financially," he said.
Extensive lobbying
However, saying that an extension of data protection laws would result in user fees is a successful result of lobbying by interested companies, according to the Green Party. Greens MEP, Jan Phillip Albrecht, who worked on the draft as the EU Parliament's Rappoteur, deplores the "very extensive lobbying" which is taking place as the policy is debated. Activists from web-based activist platform lobbyplag.eu go further. The accuse MEPs of taking parts of the proposed changes for the new data protection law word for word from companies, after comparing the text to the rhetoric of the industry. But Axel refutes their claim. "[They] were heavily influenced by NGOs, that appeared to have no vested interest," he said.
The extent of data protection
While the different groups of the European Parliament debate on the extent of the reform, they can agree on one thing - the need for standardization of EU laws. Today, every country has its own rules. Greens member, Jan Phillip Albrecht wants to "set a standard" preventing companies from establishing their headquarters in countries with the least protection. Liberal democrat Nadja Hirsch believes employee data privacy is extremely important. You have to be sure, for example, that "no matter what country you are working in, that you are not being secretly video recorded." As for the internet, she finds it "wrong to fool the public that their data is absolutely secure." The debate over a minimum European standard is only set to intensify before the June deadline for agreement set down by the Irish presidency.