European Commission drops data protection challenge


Click to follow
Indy Politics

The European Commission has dropped legal moves against the UK over data protection laws after the Government agreed changes in the privacy of electronic communications.

A legal case was launched by Brussels nearly three years ago following complaints from UK internet users about the use by some service providers of "targeted behavioural advertising" - creating a consumer marketing profile on the basis of individuals' website searches and usage.

After the Commission referred the case to the European Court of Justice in September 2010, the government altered national legislation to ban the interception of users' electronic communications without their explicit consent.

A Commission statement said: "The Commission has closed an infringement case against the UK in recognition that UK national legislation has now been changed to properly implement EU rules on ePrivacy and data protection on the confidentiality of communications such as email or Internet browsing. The Commission believes UK law and institutions are now well-equipped to enforce the privacy rights of UK users."

The decision follows a Commission proposal yesterday for comprehensive reforms of the EU's 1995 data protection rules to strengthen online privacy rights and boost Europe's "digital economy."

The Commission says the pace of technology change is outstripping existing legislation which, in any case, has been implemented differently in various member states.

The proposals calls for a single EU-wide law on data privacy, saving business an estimated £2bn a year.

EU Justice Commissioner Viviane Reding said: "The protection of personal data is a fundamental right for all Europeans, but citizens do not always feel in full control of their personal data. My proposals will help build trust in online services because people will be better informed about their rights and in more control of their information."

The Confederation of British Industry said in an increasingly digital age, consumer and employer confidence in European data protection rights was in the interests of businesses.

But Matthew Fell, CBI Director for Competitive Markets, went on: "However, at a time when we should be boosting business confidence and encouraging innovation in digital services, these proposals will interfere with the relationship between businesses and their customers, and only add to costs.

"We see no reason for such a radical overhaul, when existing data protection legislation remains fit for purpose."

DMA executive director Chris Combemale said: "UK businesses need to be worried about the potential impact of the Data Protection Regulation on their ability to market their goods and services to consumers. Severe restrictions on the way in which they can use personal data for marketing purposes will be hugely damaging to sales."

"We fully appreciate the need for data protection rules to be in place to build consumer trust in sharing their information with companies, but getting this balance wrong will have terrible financial consequences to UK plc."

But the head of European consumers' group BEUC, Monique Goyens, welcomed the plan: "In recent years personal data has been traded as a currency behind consumers' backs. Particularly online, users have found themselves having dramatically less control of their most personal data.

"Now the Commission has drawn a clear line in the sand.

"Today the EU is taking a large step towards giving data rights back to its rightful owners - individuals themselves."

Information management services specialist Iron Mountain backed the Commission plan as a key part of EU privacy and human rights law.

Christian Toon, head of information security for Iron Mountain Europe, commented: "Many businesses of all sizes are falling short of what is required to manage information responsibly.

"Regardless of turnover, sector or country of operation, making sure that employee and customer information is protected should be common practice, not a reaction to new legislation."

John Walker, national chairman of the Federation of Small Businesses, said: "The FSB is pleased that data protection is being updated but it is imperative to ensure that it is updated in such a way that doesn't increase the burden on small businesses.

"UK businesses already struggle with the amount of red tape they have to deal with and so it is important that compliance time and costs are not increased for small firms."

He welcomed the fact that a proposed required on firms to have a "data protection officer" would not include small and medium-sized firms.

"However, once this regulation is agreed, the guidance that is made available to small firms must be clear and concise so that it is accessible and these businesses know what their requirements are," he said.