Once a photograph is posted on a social digital platform such as Facebook there is no turning back. Even if it is deleted, there is no guarantee that it will be completely gone and off the web. In an effort to better safeguard Internet users’ privacy and to unify data protection rules among European countries, Viviane Reding, EU Commissioner for Justice, Fundamental Rights and Citizenship, has been working on an ambitious plan for a new European law on data protection.
At a recent seminar, organised by the European Journalism Centre in partnership with the European Commission, in Brussels, Reding summarised the aim of the new law with the motto: “One continent, one law, one data protection authority.” The one-day seminar, which gathered 30 journalists from the 27 EU member states, tackled issues such as the tension between privacy and economic growth, the need to harmonise data protection rules in Europe and the scope of the protection reform the Commission wants to implement. Axel Voss, member of the European Parliament, Francoise Le Bail, Director of DG Justice at the Commission, and Jean Gonie, Microsoft Director for Data Privacy were some of the speakers at the seminar. The highlight of the day was the keynote speech given by Commissioner Reding and the ensuing discussion with the audience of journalists.
A single Data Protection law for all 27 member states
The European Commission wishes to implement new data privacy rules in all EU countries. The legislation – designed by Viviane Reding – was issued in January 2012, but will not be voted by the European Parliament before 2013. It brings major alterations to the way individuals can control their personal data on the web. First, the European Commission sees the need to harmonise data protection rules in all 27 member states. Up until now, all countries apply distinct privacy laws.
If the European Parliament approves the new law, users will be able to request companies to erase their data or to transfer it to other services or organisations. In addition, companies dealing with personal information of more than 250 employees would have the obligation to hire a “data protection officer.”
The right to be forgotten
With large social networks such as Twitter, Facebook, Google+ and others playing an increasing role in peoples’ lives, current data protection laws seem insufficient to protect individuals’ private information. One of the most significant changes in the new legislation deals with the right to be forgotten.”
The Commission wishes to give citizens the right to remove personal information, such as embarrassing photographs, from the web, whenever they so wish. “Will the law have implications for journalism, especially in an era where ‘citizen journalism’ seems to be everywhere?” a journalist in the audience asked. “The right to be forgotten has nothing to do with journalists, nothing to do with the work of bloggers, nothing to do with tweeterers,” Viviane Reding clarified. “It’s about people entrusting information to a company. Freedom of expression is very important and it is something we are taking into account.”
As the new legislation is expected to bring major changes in the way companies can hold and use consumers’ information, journalists were interested in finding out how online companies would react to it. “Will big companies try to stop the implementation of these new ambitious rules?” a journalist wanted to know. Reding’s answer gave him a good quote: “The lobbying from all sides has been fierce. I have not seen such a heavy lobbying operation before,” she said, without specifying which companies or interests were putting pressure on European Commission to withdraw the law.
During a panel discussion on the possible tension between privacy and economic growth, the audience had an opportunity to ask Microsoft Director for Data Privacy, Jean Gonie, what his company had to say about the lobbying efforts. Gonie’s reply was less controversial than expected, as he said that Microsoft actually agrees with the new legislation to some extent. “We have been advocating for harmonisation for many years,” he said.
Is Data Protection too far away?
At this point, it is difficult to predict the consequences of the proposed legislation. In any case, it is unlikely to be implemented before 2015, which as journalists attending the seminar commented, seems “very far away.”