European ministers on Friday agreed to back a reform package that would tighten privacy controls on companies based outside the European Union (EU), including Internet giants such as Facebook and Google, requiring them to comply with EU data protection laws.
Data protection issues have gained prominence since the revelations last year of the extent of US government spying activity, including gathering data from US Internet companies. Vodafone on Friday disclosed data indicating the extent of telephone surveillance in European countries.
“Ministers agreed on the territorial scope of the data protection regulation,” said European Commission vice president and EU Justice Commissioner Viviane Reding in a speech on Friday. “In simple words: EU data protection law will apply to non-European companies if they do business on our territory – the European Single Market.”
“It is important to cement this principle once and for all into law – Article 3 of the Data Protection Regulation,” she said. “It’s in the interest of companies to have legal certainty rather than having to spend money in costly lawsuits, only to arrive at the same result at the end.”
Ministers also agreed on measures allowing companies to transfer data to countries outside the EU, but there has as yet been no resolution to the “one-stop shop” issue, intended to simplify the process of dealing with the EU’s numerous national data protection authorities.
Following the decision on the “right to be forgotten”, for instance, Google has received tens of thousands of requests from across Europe, and currently must deal with each data protection authority separately.
“Positions are coming closer to the model for such a system with the general understanding that there should be a ‘lead authority’ which works closely with other concerned authorities, notably the local authority with which citizens lodge a complaint,” Reding said.
Reding said the reform is “on track” following Friday’s summit, with the goal being “the completion of the Digital Single Market by 2015,” a goal agreed in October.
With regard to Vodafone’s disclosures, Reding said that “this shows again the scale of collection by governments of data being held by private companies… data access should always be framed by clear laws or judicial warrants.”
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…