Greetings from Brussels,
While the summer months might be slow in comparison to the rest of the year, it seems there is plenty to ponder in the privacy sphere all the same.
The big news this week is that the proposed ePrivacy Regulation that is intended to complete and substantially update the data protection legal framework in coordination with the GDPR seems to be in limbo. An agreement through the so-called trialogue between the European Commission, the Parliament, and Council has not yet been reached. It’s not even close. In an exclusive for The Privacy Advisor, David Meyer reports that the European Parliament's lead rapporteur, Birgit Sippel MEP, on the ePrivacy Regulation has responded with fury to the news that the Austrian presidency of the Council of the European Union intends to produce no more than a status update on the law's progress by the end of the year.
Dial back in time, and you’ll know the European Parliament has been debating with vigor and passion on the proposed ePrivacy Regulation. Sippel has herself has been very vocal, particularly critical of EU member states for dragging their heels on the legislation. The Parliament delivered on a final text last October. She said back in April of this year, “Member states are putting their foot on the brake and basically just acting on behalf of industry.” For those companies and privacy pros that have been waiting in earnest for the regulation to bring the current ePrivacy Directive into coordination with the GDPR, the news is certainly going to come as a major disappointment. I remember an industry roundtable I chaired in the European Parliament late last year expressing very visible and palpable concern over having to comply with both sets of regulatory provisions and at different speeds, so to speak.
Ironically, perhaps the industry lobbyists have in certain respects won a victory here. Let’s not forget that a well-oiled and well-entrenched lobby machine was built around the GDPR file; cometh the hour, they just switched over to ePrivacy with ease.
What is now being touted about in privacy circles is that we may only see an ePrivacy Regulation take roots in 2020.
Finally, if you were unaware, there was an important vote in the European Parliament 5 July calling on the European Commission to suspend the EU-U.S. Privacy Shield if specific requirements aren't met by 1 Sept. It’s all drama on the Shield front, triggered especially by the Facebook-Cambridge Analytica situation (both companies are Shield certified), and Brussels has warned the Trump administration it has three months to comply with provisions of the agreement or risk throwing the whole deal into a tailspin. The Parliamentary vote itself was relatively comprehensive, passing 303 votes to 223, with 29 abstentions. The message was loud and clear: Comply in full.
Věra Jourová, the EU’s commissioner for justice, has in turn written to Wilbur Ross, U.S. commerce secretary, complaining that the White House has failed to appoint senior personnel to oversee the Shield deal, which dates to the Obama administration. The IAPP understands that the annual Privacy Shield review will take place 18 and 19 Oct. in Brussels, with Ross opening the review by meeting with Jourová. Keep your ears pricked and eyes peeled for the aftermath; it could get interesting. Oh, to be a fly on the wall…
If you want to comment on this post, you need to login.