Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
Jan. 28 — The large number of issues left open in the final agreed text of the European Union's soon to be finalized General Data Protection Regulation shouldn't undermine the regulation's goal of creating a single, harmonized EU privacy regime, leading lawmakers involved in the reform said Jan. 27.
Michał Boni, a center-right Polish member of the European Parliament's Civil Liberties, Justice and Home Affairs committee (LIBE), which played a leading role in the development of the data protection regulation, said that the final text contained 54 “options for national implementation” that could work against the harmonization goal.
Boni didn't cite a source for the figure, but gave the example of the age below which children would require parental consent to access social media services, such as those offered by Facebook, Inc. The regulation sets the default age at 16 but permits EU countries to adopt a lower age with a minimum of 13 .
This provision raised “a certain risk that it will lead to a sort of geoblocking,” which would harm the EU's digital single market aims, Boni said. He was speaking at the 9th International Conference on Computers, Privacy & Data Protection in Brussels.
Bojana Bellamy, president of the Hunton & Williams LLP Centre for Information Policy Leadership, told Bloomberg BNA Jan. 27 that in the regulation's transition phase, there was “huge scope for de-harmonization.”
On the regulation's provisions that had left issues open, there should be “forward-thinking” interpretation to ensure that no new obstacles to EU data-driven innovation were created, Bellamy said.
EU negotiators Dec. 15 concluded nearly four years of talks on final text of a new General Data Protection Regulation, which would replace the 20-year-old Data Protection Directive (95/46/EC) . After formal ratification—which should happen by mid-2016—the regulation will take effect after a two year transition period
Depending on how the regulation's provisions are interpreted, Boni said, another potential risk for companies is the right of data portability.
This right “should be analyzed and we should know exactly what it means,” so that the responsibilities of service providers are understood, Boni said.
Article 18 of the regulation provides that when a data subject requests portability of his or her data, it should be “transmitted directly from controller to controller where technically feasible.” Boni also said that the split of liability between data controllers and data processors should be clarified, and that “we should develop the understanding” of the concept of pseudonymous data.
The lead role in the transition period before full implementation of the regulation will be played by the European Data Protection Board (EDPB), which will replace the Article 29 Working Party of EU member state data protection commissioners.
Even on this, Boni said “we need guidance for the EDPB,” so that it doesn't diverge from the harmonization goal when interpreting the regulation.
Speaking at the same conference, Axel Voss, a German member of the European Parliament from the same center-right grouping as Boni, criticized the regulation for being “very complex and very cumbersome,” and said that the transition period should be used to find “practical solutions” to minimize burdens on companies.
The regulation was a “missed opportunity” in terms of stimulating the digital economy, and offered “too much” flexibility to EU member states to vary some provisions, Voss said.
“The big companies won't be challenged by the new data protection law,” but it would undermine innovation and “hamper growth,” because of, for example, overly strict consent provisions and too-tight restrictions on use of pseudonymized data, Voss said.
He added that the regulation had made the EDPB “too powerful,” so that “for me, it's like the Chinese central committee.”
Jan Philipp Albrecht, the German Green lawmaker who steered the data protection regulation through the European Parliament, speaking at the same event, defended the agreed text.
“Of course there will be an impact and an adjustment necessary,” but the regulation would encourage global companies to comply with EU standards, which meant that smaller EU companies were “now on an eye-to-eye level” with the multinationals, Albrecht said.
Bellamy said that the regulation was a “very complicated law and we are where we are,” and regulators should work with it, rather than seek to make retrospective changes.
“Could we have done better? Of course we could. But it could have been ten times worse,” she said.
To contact the reporter on this story: Stephen Gardner in Brussels at firstname.lastname@example.org
To contact the editor responsible for this story: Jimmy H. Koo at email@example.com
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)