Europe Remains Divided on Government Role in Privacy Regulation
STOCKHOLM -- Europe remains divided on privacy regulation, panelists indicated at the European Dialogue on Internet Governance Thursday. With the Privacy Directive review underway in Brussels, the three EU bodies which were all represented on the EuroDIG panel, representatives of industry and non-governmental organizations struggled to agree how far data protection and privacy protection should go.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
Pointing to what’s been labeled by some as the “cookie nightmare,” Vice President of European Parliament Alexander Alvaro blamed lack of coordination and some misunderstandings for some problems with the recently reviewed e-Privacy directive. That’s something to be avoided for the new Privacy Directive, he said. Alvaro said a passage that would have made the use of a cookie-enabling browser an easy way to consent was taken out by the Czech presidency and the European Commission.
The e-Privacy Directive discussion was closed too fast, agreed Rosa Belcaro of the DG Information Society. She applauded the do-not-track technical standardization effort: “I think it’s worth looking at it and thinking about how we can use these technologies.” She also welcomed self-regulation efforts that could complement the regulation focusing on consent and transparency.
"We should be able to control the profiling processes,” said Katarzyna Szymielewicz, speaking for European Digital Rights. She said self-regulation isn’t enough, and an easy differentiation between what’s sensitive and non-sensitive data isn’t possible given the unlimited means to aggregate and analyze different pieces of personal data. Pat Walshe of carrier association GSMA warned against potential harmful consequences of regulation. He said strict consent requests for location data in Germany resulted in such high barriers “that you do not go into that market.” The GSMA presented privacy design guidelines for mobile application development in March, and Walshe said users should be able to decide what risk they would take, since many are very interested in benefitting from services based on profiles.
Alvaro said the new privacy regime should be passed in the EU by Q1 2014, but he doubted that the right to be forgotten currently in the draft would be kept. Under the current draft, U.S. companies targeting the European market could be asked to comply with the regulation even if they have no office in the EU.