Monday, 30th January 2012
Tim Buckley Owen
Long anticipated, the European Commission has released its proposals for restructuring its data protection laws. They’re tough – but recent actions by a couple of major American information companies suggest that they'll need to be.
To be sure, elements of the proposals are billed as pro-business. There will be a single set of rules across the whole of the European Union (EU), which should save businesses some €2.3 billion a year, the Commission claims.
But in return European citizens will be able to demand easier access to their own data, the right to transfer it from one service provider to another more easily – and the right to have it deleted if they wish. Companies that offer services to EU citizens yet handle their data abroad must abide by EU rules – and if they don’t, the penalties could amount to €1 million or up to two per cent of their global annual turnover.
One data protection legal expert, Marc Dautlich of the law firm Pinsent Masons, gives the proposals a mixed reception. Consistency across the whole of the EU will at least bring some business certainty, and the threatened two per cent fine is a climb-down from the five per cent leaked previously, he acknowledges.
But the requirement to notify breaches within 24 hours – and particularly the “right to be forgotten” – will be a headache for all sorts of publishing businesses and other sectors too. Britain’s official privacy watchdog the Information Commissioner has already said that it’s probably unenforceable (see LiveWire coverage) – but if they really want to try and stop it, some major American players are scarcely helping their own cause.
Take the Safe Harbor arrangement, whereby some United States organisations are allowed to process European personal data (more LiveWire background) subject to Federal Trade Commission oversight. Microsoft’s EU affairs chief Ron Zink trusts that the system will continue (according to a report in the Register newsletter) and in any case regards the Commission’s new proposals as merely “aspirational”.
But Zink’s remarks provoked a retort from Walter Van Holst of the European Digital Rights group that Safe Harbor was dead – they’d just forgotten to bury it. And meanwhile, Google has scarcely endeared itself to privacy activists either.
In an interesting piece of timing, Google announced plans to consolidate its privacy policies just a day before Commissioner Viviane Reding set out her proposed new data protection rules. But Google seems to have blown it by emailing Virgin Media customers about its plans when it had no right of access to their email addresses.
American organisations sometimes seem bemused at the European obsession with privacy. Perhaps they should take a look at a recent Economist article about chilling abuse of data during the Nazi era to understand just why.
"Remote Information Teams"
If you're newly remote, you may feel like you've been thrown into a mysterious culture where you sort of speak the language but sort of not. Use Jinfo's "Focus on Remote Information Teams" to become fluent:
Our proven processes, resources and guidance will help your team make the shift from transaction centre to strategic asset.
Designed around the most common challenges and pain points for time- and resource-strapped information teams
Supercharge remote productivity and value
Holistic content portfolio management
Future-proof your information service
A tailored overview of our research and active discussion with your Jinfo analyst.
Measure your starting point to articulate your strengths and set priorities for future improvements. Assessments gauge risk, capacity, value and more.
Read case studies, and start the conversation:
Connect your team with the practical tools, original research and expertise to build and support information strategy in your organisation.
A Jinfo Subscription gives access to all Content (articles, reports, webinars) and Community.