EU To Tighten Data Protection Controls On US Internet Giants

European ministers on Friday agreed to back a reform package that would tighten privacy controls on companies based outside the European Union (EU), including Internet giants such as Facebook and Google, requiring them to comply with EU data protection laws.

Data protection issues have gained prominence since the revelations last year of the extent of US government spying activity, including gathering data from US Internet companies. Vodafone on Friday disclosed data indicating the extent of telephone surveillance in European countries.

Territorial scope

“Ministers agreed on the territorial scope of the data protection regulation,” said European Commission vice president and EU Justice Commissioner Viviane Reding in a speech on Friday. “In simple words: EU data protection law will apply to non-European companies if they do business on our territory – the European Single Market.”

She said this issue was far from “self-evident,” saying that the recent European Court of Justice decision obliging Google to honour the “right to be forgotten” had “brought some clarity confirming the Commission’s view”.

“It is important to cement this principle once and for all into law – Article 3 of the Data Protection Regulation,” she said. “It’s in the interest of companies to have legal certainty rather than having to spend money in costly lawsuits, only to arrive at the same result at the end.”

Ministers also agreed on measures allowing companies to transfer data to countries outside the EU, but there has as yet been no resolution to the “one-stop shop” issue, intended to simplify the process of dealing with the EU’s numerous national data protection authorities.

Following the decision on the “right to be forgotten”, for instance, Google has received tens of thousands of requests from across Europe, and currently must deal with each data protection authority separately.

Reform ‘on track’

“Positions are coming closer to the model for such a system with the general understanding that there should be a ‘lead authority’ which works closely with other concerned authorities, notably the local authority with which citizens lodge a complaint,” Reding said.

Reding said the reform is “on track” following Friday’s summit, with the goal being “the completion of the Digital Single Market by 2015,” a goal agreed in October.

With regard to Vodafone’s disclosures, Reding said that “this shows again the scale of collection by governments of data being held by private companies… data access should always be framed by clear laws or judicial warrants.”

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago