Proposal made for sweeping data protection in EU

Question of the Day

Should Congress make English the official language of the U.S.?

View results

BRUSSELS (AP) - The European Commission proposed sweeping reforms Wednesday to protect the confidentiality of personal data online including a “right to be forgotten,” which would let people have information about themselves deleted if there was no legitimate reason to retain it.

The Commission said the proposal would safeguard people’s privacy and save companies money, but some business interests have already said they will lobby for changes.

If the directive is ultimately adopted, it would update one from 1995, when fewer than 1 percent of Europeans used the internet. To take effect, it needs the approval of the European Council _ the 27 European Union heads of government _ as well as the European Parliament.

The “right to be forgotten” could greatly enhance the rights of people who use social media sites, which sometimes take down photos and posts at a user’s request but retain the information instead of deleting it.

The commission, which is the EU’s executive branch, cited the case of Max Schrems, 24-year-old Austrian law student who asked Facebook to send him a record of his personal data from three years of using the site. What he received was 1,222 pages of information _ including chats he had deleted more than a year earlier, “pokes” dating back to 2008, invitations to which he had never responded, and hundreds of other details.

For businesses, the primary attraction of the proposal is that they would have just one set of rules to follow rather than 27 different sets, one for each country in the European Union. And they would report to only one data protection authority.

EU Justice Commissioner Viviane Reding, who outlined the proposal Wednesday, said that would save businesses about euro2.3 billion ($2.98 billion) a year.

Personal information covered by the proposal would include names, photographs, email addresses, bank details, social networking posts, medical information, and various other data.

“The protection of personal data is a fundamental right for all Europeans, but citizens do not always feel in control of their personal data,” Reding said.

Reding said many Europeans fear their personal data could be misused, and she argued that, if public trust improved, internet businesses would grow significantly.

But representatives of internet business interests complained that, while the proposal would eliminate the red tape involved in dealing with 27 different data protection authorities, it added new requirements that would be expensive and burdensome, which could inhibit growth in the digital sector.

“The Commission’s proposal today errs too far in the direction of imposing prescriptive mandates for how enterprises must collect, store and manage information,” said Thomas Boue, Director of European Affairs for the Business Software Alliance. Members of the alliance include Microsoft, McAfee, Adobe, Intel and other internet giants.

“The risk in the proposal’s current design is that it will bog down companies with onerous compliance requirements, which could inhibit digital innovation at the expense of job creation and growth.”

Wim Nauwelaerts, a Brussels-based legal expert, said the “right to be forgotten” was unclear and would be difficult to implement. Would companies have to delete information only from their own servers and databases or would they also have to try to find other places on the internet to which the information had spread, he asked.

Companies dealing with personal data would face various other mandates, including:

Story Continues →

View Entire Story

Copyright 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Comments
blog comments powered by Disqus
TWT Video Picks