Sunday, June 9, 2013

Europe Still Wrangling Over Online Privacy Rules

But because of intense lobbying by Silicon Valley companies and other powerful groups in Brussels, several proposals have been softened, no agreement is in sight and governments are openly sparring with one another over how far to go in protecting privacy.

On Thursday, justice ministers from the European Union’s 27 member states agreed to a business-friendly proposal that what companies do with personal data would be scrutinized by regulators only if there were “risks” to individuals, including identity theft or discrimination.

The ministers debated a proposal that would no longer require companies to obtain “explicit” consent from users whose personal data they collect and process, instead of “unambiguous” consent, which is considered to be a lower legal threshold. And they discussed a proposal on balancing an individual’s right to data protection with other rights, including the freedom to do business.

The ministers deferred discussion of the other most fractious provision, the so-called right to be forgotten. But in recent weeks, public comments by lawmakers and draft language suggested a softening of approach.

“The right to be forgotten has been softened, made more palatable,” said Viktor Mayer-Schönberger, professor of Internet governance at the University of Oxford. “But it is by no means dead.”

Although a final version of the legislation is not expected to be completed for many months, and maybe not until next year, the developments on Thursday are an early signal that the technology industry’s lobbying efforts are gaining some traction.

The lobbying has been “exceptional” and legislators in Europe need “to guard against undue pressure from industry and third countries to lower the level of data protection that currently exists,” said Peter Hustinx, the European data protection supervisor, referring to countries outside of the European Union.

“The benefits for industry should not and do not need to be at the expense of our fundamental rights to privacy and data protection,” Mr. Hustinx warned in e-mailed comments.

In the last year, American technology companies have dispatched representatives to Brussels and issued white papers through industry associations arguing that stringent privacy regulations would hamstring businesses, already suffering from the recession in Europe.

United States government officials have also made trips across the Atlantic to press policy makers like Viviane Reding, the union’s justice commissioner, who drafted the original, strict measures, to press for a less restrictive approach to data privacy.

The industry’s arguments have found a ready audience among some European governments. They include Ireland and Britain, where there are acute worries that the European Union is failing to take advantage of growth opportunities from Internet businesses that might help revive the economy. Apple, Facebook and Google all have European headquarters in Dublin.

“Europe is not sleepwalking into unworkable regulations,” said Richard Allan, Facebook’s director of policy for Europe, echoing a cautious optimism among industry officials about the data privacy law. “What’s positive is that over the last year, the debate has broadened out. There are other voices in the debate, who are saying: ‘Hang on a minute. What about the economic crisis?’ ”

The proposed law would affect most companies that deal in personal information — including pictures posted on social networks or information on what people buy on retail sites or look for using a search engine.

Whatever is enacted would serve as the privacy law in every country in the European Union and potentially have a bearing on other countries drafting data protection laws of their own.

The ministers took up their version of the law on Thursday; another version is under discussion by the European Parliament.

James Kanter reported from Brussels and Somini Sengupta from San Francisco.

No comments:

Post a Comment