Representatives from industry and government have been voicing their opinions on the European Commission’s proposed data protection regulation.
Earlier this month, the Irish presidency published an update to the European Council of Ministers disclosing its progress on the legislation. According to Hunton & Williams’ Privacy and Information Security Law Blog, a number of EU Member States have “voiced their disagreement with the level of prescriptiveness” of the proposed framework.
According to Wired, the UK Information Deputy Commissioner David Smith said the agency is concerned that some pieces of the reform are too prescriptive—such as the proposed Right to be Forgotten. “Our role is in protecting individuals, and we think it will provide protection for individuals…But to provide that, we must have a regulation that’s proportionate, practical and effective,” Smith said.
TechWeekEurope has also reported that an EU source has said that UK government lobbying efforts to minimize privacy protections in the proposed regulation will not succeed.
EU Justice Commissioner Viviane Reding will meet with Telefónica CEO Ronan Dunne to discuss the significance of the proposed reform. Together, they said, “We share the view that a single data protection regulation, which strengthens and builds on the existing EU data protection framework, is essential to facilitate a level playing field for the ICT industry,” and added, “The new rules will help realise the potential of the internal market for digital content and services and will enhance European industry's competitiveness while at the same time, encourage more consumers to embrace internet and take-up digital services, in line with the Digital Agenda goals."
Industry has chimed into the debate as well. Facebook has said the proposed framework should be broad enough to create compliance incentives. Facebook Head of Public Policy of Europe, Middle East and Africa Richard Allen said, “To the extent that the regulation goes off to do odd things, like defining in detail technical standards that is better left to industry players, then it would create huge disincentive for the companies to comply.”
GlaxoSmithKline Global Privacy Officer Mina Mehta said the European Commission should seriously consider the use of pseudonymised data and is concerned that its definition of personal data “is overly broad and has the potential to turn characteristics like eye and hair color into personal data,” Wired reports.
And last week, European legislators expressed their views on the regulation during a deliberations held by the Committee on Civil Liberties, Justice and Home Affairs (LIBE). European Data Protection Supervisor Peter Hustinx also sent the LIBE a letter outlining his views as well.
Editor's Note: Hustinx will be a keynote speaker at the IAPP Data Protection Intensive in London, UK, 23-25 April.