Author (Person) | Cashman, Michael |
---|---|
Series Title | European Voice |
Series Details | Vol.8, No.32, 12.9.02, p24 |
Publication Date | 12/09/2002 |
Content Type | News |
Date: 12/09/02 By FOLLOWING a raft of Commission proposals on internet, telecoms and data use, there is now a review under way on the implementation of the Directive (95/46/EC) on the Protection of Individuals with regards to the processing of personal data and free movement of such data. Adopted in 1995, the Data Protection Directive had two objectives: to assure free flow of information in the internal market and to create an appropriate level of data protection. The directive also included personal data protection standards aimed at creating a level playing field in the EU. In the seven years since the directive's adoption, the provision of services has substantially changed. The online world has developed, changing the relationships between business and consumers through electronic commerce. Since the EU did not want to remain aside from the challenges it decided, at the Lisbon Council, to dedicate special attention to e-commerce. One of the Lisbon goals was to ensure that the development of e-commerce would make the EU the most dynamic, competitive economy in the world. The e-Commerce Directive was adopted in 2000 to provide an EU framework for the provision of information society services. This directive did not, however, change the provisions of the Data Protection Directive. I believe the most effective way to deal with data protection is to have a single framework that is dynamic and flexible enough to take into account present and future developments. Clearly, the implementation of the directive has not had the desired effect in driving forward the new engines of growth. Nearly four years after the deadline for implementation, disparities have appeared between the member states. This has resulted in a patchwork of national legislations with very different specific requirements, which in itself has created barriers to the provision of cross-border services, and therefore a limit on the free movement of data, which is essential to European companies and consumers operating in the internal market. It is therefore vital that the Commission takes the necessary steps to limit these differences and to ensure that the aim of free movement of personal data can be achieved, while guaranteeing the data privacy which our citizens rightly expect. Numerous pieces of legislation deal with the issue and their interpretation leads to confusion. The Data Protection Directive, the Directive on Privacy and Electronic Communications, the e-Commerce Directive, the e-Signature Directive and the Distance Selling Directive all deal with data protection. Each may come into play in a single business transaction or each may be applicable in separate but almost identical business operations. This often leads to inconsistencies (e.g. opt-in solution for commercial communication as opposed to opt-out in the e-Commerce Directive). Sector-specific legislation is burdensome when a single Data Protection Directive should cover all data protection issues in a consistent manner. Experience also teaches us that there is a necessity to distinguish between personal data and professional or corporate data. As currently defined and interpreted, 'personal data' (Article 2a) covers the data of individuals in a personal capacity as well as in their work capacity. This needs to be corrected because it could be used to circumvent the Regulation on Public Access to Documents of the Commission, Parliament and Council - a concern shared by many advocates of openness and transparency. In conclusion, I welcome the Commission's efforts to increase transparency in the review of the Data Protection Directive and I encourage it to pursue these efforts by making the outcome of the consultations with member states, data protection agencies, and data subjects public and in making reports commissioned by it publicly available. In all that we do in this field we must encourage the engines of growth, but at the same time guarantee our citizens the security and peace of mind they expect.
The author argues it is vital that the European Commission takes the necessary steps to limit the differences between Member States in implementation of the 1995 Data Protection Directive, and to ensure that the aim of free movement of personal data can be achieved, while guaranteeing the data privacy which citizens expect. |
|
Subject Categories | Business and Industry, Internal Markets |