Views on data protection diverge
Monday 05 November 2012
Although the member states' justice ministers still have quite a way to go before getting to the heart of the reform on personal data protection, many of the professionals who are closely monitoring the legislative proposals just submitted to the European Parliament already have clear-cut views. The data protection regulation and the directive on the protection of personal data processed for criminal investigation purposes, proposed by Justice Commissioner Viviane Reding, will modernise a 1995 directive and a 2008 EU Council framework decision.
The EP held a two-day hearing, on 9-10 October, to collect what turned out to be the extremely diverging views of national officials, enterprises, consumer defence groups and academics.
"We are all affected," said EP President Martin Schulz (S&D, Germany). "This legislation concerns data processed and stored when we shop online, do internet searches, use our cell phones, participate in social networks, book airline tickets, and in our contacts with our employers, banks, governments, but also data processed by the police, judicial authorities or those transferred to other countries" (as part of the counter-terrorism effort, for example).
Personal data protection is a right proclaimed by the European Charter of Fundamental Rights, made binding by the Lisbon Treaty. Not everyone has the same priorities, however.
Marietta Karamanli, vice-chair of the Committee on European Affairs of the French National Assembly, attaches "considerable importance" to the proposals but has concerns about a key element: the appointment of the national authority from the European country where a company sets up its registered office (eg: Ireland for Facebook and others) as the entity in charge throughout the EU. "Such a solution can create a real distance between citizens and their authority and will not really make for strong collaboration between national authorities," observed the French MP. The big internet companies took the exact opposite view. "If there is one priority, this is it," said Jean Gonie, in charge of data protection for Microsoft.
Criminal sphere separate?
Gerrit Hornung, professor at the University of Passau, called into question the reform's star expression: the right to be forgotten online. "This term is much too strong," he said. He noted the need to mitigate the conflict between freedom of expression and the press on the one hand, and data protection on the other. "It is impossible to have a European right to be forgotten and to have rules on freedom of the press and of expression at national level," he explained. Facebook shares these misgivings: "If someone wants to be forgotten on Facebook, this can be done by hiding information or deleting it. The same thing can be done with a message the person has posted or that someone else has posted on his wall, for example,"
Europoliticswas told recently by Erika Mann, head of the Facebook office in Brussels and former MEP (German Socialist). "But the problem is very different when someone else has posted a message about me on another account. We have to be very careful here and I do not think that a service like Facebook can delete such messages without undermining someone else's rights or the right to freedom of expression. This is a question to be treated case by case. There is already a lot of case law on the subject."
Various aspects of the draft regulation are controversial, to say nothing of the reluctance over the draft directive on the protection of personal data related to criminal investigations. Work has not begun yet in the Council of Ministers but the United States has denounced provisions it says will hinder its capacity to share data with EU countries.
Three years on from the Lisbon Treaty, the criminal sphere, formerly the preserve of states, may well be treated separately.
The EP rapporteurs, Jan Philipp Albrecht (Greens-EFA, Germany) and Dimitrios Droutsas (S&D, Greece), will present their draft report by the end of the year.