Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Data protection, NSA votes won; net neutrality next

Glyn Moody | March 20, 2014
Here are the main points of the data protection proposals as summarized in the European Parliament's press release on the vote.

Last week I asked people to write to their MEPs about two important votes in the European Parliament on Wednesday: one regarding data protection, the other surveillance. Lots of people obviously did that, and not just here in the UK: both votes went through with huge majorities. That's not to say that the results are perfect, but they are probably as good as we could have hoped for in the circumstances, and represent a real win for democracy in Europe given the bitter lobbying that was deployed against them.

Here are the main points of the data protection proposals as summarized in the European Parliament's press release on the vote:

Data transfers to non-EU countries

To better protect EU citizens against surveillance activities like those unveiled since June 2013, MEPs amended the rules to require any firm (e.g. a search engine, social network or cloud storage service provider) to seek the prior authorisation of a national data protection authority in the EU before disclosing any EU citizen's personal data to a third country. The firm would also have to inform the person concerned of the request.

Deterrent fines

Firms that break the rules should face fines of up to €100 million, or up to 5% of their annual worldwide turnover, whichever is greater, say MEPs. The European Commission had proposed penalties of up to €1 million or 2% of worldwide annual turnover.

Better protection on the internet

The new rules should also better protect data on the internet. They include a right to have personal data erased, new limits to "profiling" (attempts to analyse or predict a person's performance at work, economic situation, location, etc.), a requirement to use clear and plain language to explain privacy policies. Any internet service provider wishing to process personal data would first have to obtain the freely given, well-informed and explicit consent of the person concerned.

As you can see, there's some pretty strong stuff in there - up to 5% of annual global turnover is a lot of Euros, and not something even Google or Facebook can simply find by digging down the back of the sofa. However, this is not the end of the story. Because of the way the EU works, both the European Commission and the shadowy Council of the European Union have to agree as well. Surprisingly, the European Commission is likely to do that; it's the Council of the European Union that's the problem - not least because it's made up of ministers of the EU member states, and therefore gives the UK a chance the mess things up as usual. However, the extremely strong support for the proposals in the European Parliament - the voting was 621 votes in favour, 10 against and 22 abstentions - should at least put some pressure on the UK and others to respect the democratic decision here. Just kidding....


1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.