The proposed new data protection mechanism will lead to unnecessary administrative burdens, companies said
Ministers of European Union countries have agreed on a new plan to deal with cross-border privacy cases. Companies and a variety of critics, though, have called the proposal a mess.
The plan, at least originally, was supposed to put in place a "one-stop-shop" mechanism that would make it easier for businesses and citizens to deal with privacy-related complaints. The idea of a streamlined approach to resolving privacy issues is a key pillar of EU data-protection reform and member states agreed on a version of such a plan on Friday, said Vra Jourov, European Commissioner for Justice during a press conference.
At the moment, companies operating in the EU like Google, Facebook and Apple can be held responsible for privacy issues by national data protection authorities (DPAs). In Google's case, for instance, this has led to multiple simultaneous investigations into the privacy policy it introduced in 2012. Enforcement actions related to various complaints have been taken in several EU countries.
The Commission, the EU's executive and regulatory branch, had proposed that these companies in the future should only have to deal with one authority, in the country where they have their European headquarters or main business. A European Data Protection Board would be able to adopt legally binding decisions in cases where the national authority is challenged by privacy supervisory bodies in other countries.
However, the ministers in the Council of the EU agreed that this mechanism should only kick in for important cross-border cases. And even in those cases, other concerned authorities would be able to enter into a joint decision-making process, enabling them to object to the main body's decision, the Council said in a news release.
Going ahead with this plan would be a very disappointing move, said the Industry Coalition for Data Protection in a news release ahead of the Friday talks.
The proposed plan would be more cumbersome than the current one and lead to unnecessary administrative burdens, including delayed decisions, for all parties concerned, according to the group, which comprises 18 associations. The associations represent European and international companies, including Google, Microsoft, Facebook Apple and Yahoo.
Marc Dautlich, a lawyer specializing in information law, said ahead of Friday's decision that the compromise proposed by the ministers is a mess.
It is disappointing for nearly everyone, he told Out-law.com, a website that publishes legal news and guidance on behalf of his law firm, Pinsent Masons.
See the article here:
EU ministers OK new cross-border data protection plan, sparking criticism