In remarks to the 2nd Annual European Data Protection and Privacy Conference
in Brussels on December 6, Viviane Reding, Vice-President of the European Commission
and the European Union (EU) Justice Commissioner, spoke on the future of data
protection and transatlantic cooperation with the United States.
She confirmed that “in the digital age, the collection and storage of
personal information are essential (and) in a globalized world, the transfer
of data to third countries has become an important factor in daily life.”
However, while the EU needs “to facilitate these exchanges if we are to
encourage innovation and stimulate growth, it also should protect the rights
of those whose personal data is transferred to third countries”.
In addition to binding corporate rules or codes of practice to facilitate secure
transfers of data which, once approved by the EU’s data protection authorities,
become legally binding, Reding said that she wanted to simplify the regulatory
environment for businesses. She wants to introduce one data protection law in
Europe and have one single data protection authority for each business.
However, she also emphasized that the above must not be done at the expense
of individuals' rights. “Their data needs to be properly protected. This
is why I will propose a new European law on data protection next month. It will
replace the law from 1995, when the full potential of the internet had not yet
been realized.”
“People,” she continued, “are sharing more and more personal
information online and it is now important to ensure their rights. For this
reason, the reform of EU data protection rules will include easier access to
one's own data, and better data portability so that it is simple for users to
transfer their data between providers.”
Reding has decided that “solid rules are good for consumers but they
are also good for internet companies, because they create legal certainty”.
In that respect, clear rules are also needed for the transfer of data
outside the EU, she said.
She reminded her audience that, last year, she had welcomed the US Democrat-Republican
joint initiative on data protection and the introduction into Congress of a
draft Commercial Privacy Bill of Rights. Several US lawmakers had made it clear
that a federal law would be necessary to ensure the protection of privacy in
the US. They had argued, she said, that the US government had a substantial interest
in creating a level playing field for all collectors of personal data both in
the US and abroad.
However, she has now been told that only voluntary codes of conduct
based on multi-stakeholder consultations are envisaged. "Well, I hope I got it
wrong – because I am worried that US 'self-regulation' will not be sufficient
to achieve full interoperability between the EU and US,” she remarked.
She looked at the data protection agreement that the EU is currently negotiating
with the US, under which substantial progress would be needed to conclude its
negotiations in 2012. Europeans would need to be “confident that their
rights are respected whenever their personal information is transmitted in Europe
or over the Atlantic for law enforcement purposes”.
She concluded that the EU and US “need to make sure that future developments
in data protection enhance this trust – based on firm legal grounds on
both sides of the Atlantic".
"I hope our reform of data protection rules in the
EU can be an inspiration for such changes in the US and elsewhere,” she said.
OFFSHORE-E-COM.COM
