PERSONAL DATA PROTECTION UNDER EC REVIEW

Uncategorized

Facebook faces EU curbs on selling users’ interests to advertisers, notes Daily Telegraph.  The controversy around protection of personal data has been stirred soon after Austrian law student Max Schrems decided to ask Facebook for his personal data stored by the social networking service. The answer came as a surprise- 1,222 pages of information, including data that Schrems already had deleted from Facebook, invitations to which he never responded, etc.

The current  use of social networking sites still on the increase raises more and more questions as regards personal data protection. It refers not only to Facebook, but to numerous other popular sites as well. Most of the companies that run social networking sites are based outside the European Union, hence  data processing takes place outside  as well. According to the current text of Directive 95/46/EC, such a conduct is generally not covered by the European personal data protection law (if the data is not processed within the EU) and therefore these companies have only to abide by laws  of the countries where the data is actually processed. Usually such laws are far less strict for data processing enterprises to the European ones, which may be detrimental to EU citizens, generally used to higher standards of protection.

 The plan of the European Commission has  to change this situation and  strengthen protection of consumers’ personal data in Europe. The outcome of those efforts is supposed to be a new law on data protection that would replace a slightly outdated Directive 95/46/EC, which does not fit sufficiently to the current digitalized world anymore. The new draft is hoped to be announced in early 2012. The Commission has not made it  explicit yet, whether it will take a form of a regulation or of a directive, however it is declared to be uniform and not subject to 27 different interpretations.

The new law is planned to cover new aspects of personal data protection that are arising due to modern technology and globalization.  Precise points of the reform may be so far derived only from some press releases such as a recent Viviane Redding’s speech given at a conference “New frontiers for Social Media Marketing” (you may find the full text here). t The reform may include :

-          Resignation from a general requirement for companies to notify data processing to data protection authorities;

-          Covering by European law all companies that operate within the European Union (even if they process personal data in other places of the world);

-          Facility and consistency for entreprises – introduction of one law applicable and one single authority responsible for companies operating in several Member States;

-          Customer protection enhancement: creation of a right to be forgotten (to have all data on oneself deleted), creating obligations for entrepreneurs to specify, what personal data will be collected,  obligation for companies to inform customers about incidents of stealing/leaking of their personal data.

 The Commission until today has not published any draft of the law that is planned to be introduced. We shall watch and come back to this topic once we see the long awaited draft of the law to check whether it will keep all of the mentioned objectives.

 For more information from the European Commission: click here and here.

Author: Rafal Kloczko

For any questions on this article contact: Rafal Kloczko

Author: admin

No Comments
139Views