The Brussels EU bubble may be almost at a halt in August, but lights are still on in the European Commission’s main building, known as the Berlaymont. As one walks on the top floors, one may run into EU Commissioner Ylva Johansson, in charge of home affairs. Her portfolio ranges from the EU internal security strategy, the fight against terrorism and cooperation on law enforcement, to migration and asylum policy, and the fight against human traffickers and smugglers. So it is expected that data protection and privacy come up once in a while in her work. Her office leads the European Commission’s new proposal on preventing and combating child sexual abuse. In last week’s “View from Brussels,” I mentioned the European Data Protection Supervisor and European Data Protection Board laid down their concerns about the proposal in a joint opinion.

Well, Mrs. Johansson is not having any of it and addressed the privacy watchdogs’ criticism in a blog post this week. “What is surprising and striking, to say the least, is that the EDPB/EDPS opinion has no reference to the right to privacy of the child,” she stated. Ouch. In this detailed piece, she defends her proposal’s approach based on proportionality and technological neutrality, concluding that what "frustrates (her) most is that there is a risk of advocates creating opposition based only on abstract concepts. Abstract notions based on misunderstandings.”

Johansson’s team is also leading another long-standing topic that has been the subject of animated discussions among EU legislators, member states governments and data protection authorities: e-evidence. The European Commission presented its package of two proposals in April 2018: the Directive on electronic evidence in criminal proceedings, and the electronic evidence Regulation on the European Production and Preservation Orders for electronic evidence in criminal matters.

Political trilogue discussions among Johansson’s team and Member of European Parliament and rapporteur Birgit Sippel on this legislative package have reportedly been slow and complex ever since. Recent movements make observers hopeful that a deal may be within reach — something to watch come September.

Elsewhere, if you are in the mood for writing, may I interest you in calls for proposals for IAPP conferences? We are currently seeking speaking proposals for three of our European events (yes, United Kingdom, that means you too):

Data Protection Intensive: UK 2023 – deadline: 11 Sept.

Data Protection Intensive: France 2023 – deadline: 2 Oct.

Data Protection Intensive: Nederland 2023 – deadline: 6 Nov.

Mark your calendars!