This month I thought I might tackle a subject relevant to all of us that are European citizens. In March, the European Parliament (EP) Plenary Session adopted stricter rules upon the protection of personal data after voting on its 1st Reading of the draft regulation and directive - updating and modernising the 1995 Data Protection Directive.
The EP message seems clear: reform is a necessity. Europe's MEPs have listened to European citizens and businesses and, with this vote, decided that we need uniform and strong legislation to strengthen protection.
Well that’s the ‘political message’: so, sit back and relax - our personal data is protected. That’s right isn’t it? After all, the amendments strengthen:
- fines on firms in case of violation of data protection rules (up to €100 million or 5% of global turnover instead of the €1 million initially proposed by the European Commission (EC).
- protection of EU consumers regarding data transfers to non-EU countries. (Meaning - whenever a company, social media business or any service provider wants to collect personal data for commercial purposes, it should first get in contact with each one of the EU citizens.)
- data protection on the Internet, giving the right to EU citizens to erase personal data or limit profile aspects linked with the prediction of a person’s performance at work, economic situation, location, etc.
But let’s look closer:
- The EC wanted to lower the fines on firms breaching the law under the wider framework of amendments that need to be made in the field of industrial espionage, online criminal recording, and preliminary investigations. The EC suggestions may therefore have been driven by the intention to bring in debate regarding linked regulations that should be brought in dealing with online spying.
- There is no indicator as to how someone could erase personal data online. Therefore, certainly for the time being, EU citizens’ data is accessible to firms, and protection remains an empty letter.
- It’s probable that all data gathered in previous years will remain at the disposal of commercial firms or are we to believe that, during the term following the 2014 EU elections (May), all personal data will somehow melt away until further notice?
To my mind there are no clear or practical answers to these issues and that’s worrying, given the preliminary character of the amended rules which are to be ratified after the composition of the next EP.
Without more specific debate, better described and set out more precisely, we are left contemplating whether or not EU citizens will be any better protected against improper use of personal data.
Work done so far must now be consolidated and handed over to the new Parliament for negotiation and final adoption of the reform with the EC. The EP’s main aim is to reach an agreement on this major legislative reform before the end of 2014.
Tony Richman Click here for this month's European Roundup Click here for the next Editor's Pick.