A Case of Cut-and-Paste: The New Uniform Data Protection Rules Proposal in the EU

By Ana Maria Calero


After the storm of lobbying efforts and in the middle of the fiercest criticism from public interest organizations, the European Commission endorsed the ITRE opinion on the proposal for reform of the data protection regulation. The main purpose of the reform is to provide certainty and uniformity required for the industry; however several doubts about the independency of the European Commission have been raised.


On February 20, 2013, the European Commission voted and adopted an opinion by the European Parliament’s Industry, Research and Energy Committee (ITRE) on the proposals to reform the data protection rules which date back to 1995 in order to modernize and update its principles to deal with the new challenges of the digital age. The Civil Liberties, Justice and Home Affairs Committee (LIBE) will now consolidate the proposals and vote on its own report by the end of April. Vice-President Viviane Reding, the EU’s Justice Commissioner said on Wednesday “today’s vote by the European Parliament’s Industry Committee is an important signal that industry needs uniform and clear data protection rules to take advantage of our Digital Single Market.”


The main innovations of the reform are the introduction of (i) directly applicable regulation on the processing of personal data; (ii) a “one-stop shop” for companies that operate in several EU countries by establishing that they will only have to deal with the data protection authorities of the EU country where they have their main place of business; (iii) a “consistency mechanism” to ensure that the Commission serves as support when regulators cannot agree on a common line’ and (iv) new exceptions for small and medium-sized enterprises. According to the Commission’s Memo the importance of this step towards new privacy regulations lies on the need to deal with the transfer of data to third countries in light of cloud computing. Furthermore, the Commission stresses a declining confidence in online services and tools, negatively affects the “growth of the digital economy and Europe’s digital single market.”


The ITRE report received numerous criticisms by civil liberties groups and consumer organizations accusing members of the Parliament (MEPs) of caving in to pressures from big businesses like Amazon, eBay as well as from the American Chamber of Commerce. According to some of these critiques, MEPs have voted to reduce the control over the use and narrow the definition of personal data, weakened the meaning of consent and personal information and allowed companies to use data for purposes unrelated to the original collection.


In effect, the new regulations on digital privacy were subject of lobby efforts by various U.S. corporate entities. It is important to note that the first proposal on data protection was extremely strict, especially in the field of the right to be forgotten. Yet, after more than one year of lobby campaigns, the EU document suffered severe changes. Seán Kelly, the parliamentarian in charge of drafting the opinion, denied any such accusations and stated that no one had influenced him although his “door was open” and that the proposals were “by and large, well-balanced”. However, using openly-available information the site LobbyPlag showed that in many cases the European Representatives introduced word-for-word the documents prepared by lobbyists, into the amendments proposed for the Data Protection Regulation.












1 Trackback / Pingback

  1. European Parliament Committee On Industry, Research And Energy Publish … » Cyber Crimes Unit | Cyber Crimes Unit

Comments are closed.