UK Battles Brussels To Kill Data Privacy Regulation

The UK government is hard at work in Brussels, hoping to have a controversial data privacy regulation laid down by the European Commission scrapped, TechWeekEurope understands.

The government’s position was outlined earlier this year, when it said, in response to a Justice Select Committee inquiry, it wanted the Regulation to be recast as a Directive. The latter would give member states more flexibility in how to update their own laws, the Ministry of Justice has argued.

Data privacy punch-up

Numerous governments and corporations, both inside and outside the UK, are lobbying hard to make amendments to a directive and a regulation outlined by the EU. The US government and various American corporations, including giants like Amazon and Facebook, and British telecoms giant BT have been particularly active.

But none have so far expressed a desire for the regulation to be rethought so thoroughly. The UK government wants two directives – one covering general data protection and the other dealing with data processing within police and judicial co-operation in criminal matters.

Various qualms with the privacy plans have been expressed. Many are upset about the stringent ideas on the table, including fines of up to two percent of a company’s annual turnover for serious breaches of the law, and the “right to be forgotten”, which Facebook believes will be too onerous for it and other businesses in having to delete all traces of customer data on demand.

The UK government, led by justice minister Lord McNally, is now speaking with MEPs in Brussels hoping for a compromise, and a removal of any regulation. “I think a directive is more easily and effectively implemented according to the needs and realities of individual states,” justice minister Lord McNally told TechWeekEurope.

He said he was taking businesses’ concerns on the “over-prescriptive” draft laws into its discussions with the European Commission.

Another reason for the government’s ire over the proposals is money. The UK government and the European Commission have vastly different opinions on the economic impact of the plans.

At what cost?

In its assessment, the European Commission said there would be a net benefit of €2.3 billion per year for the European economy, largely from administrative savings. “We do not agree,” McNally said. “That figure does not cover all the costs.”

The regulation and directive could cost the UK as much as £360 million per annum, the government claimed in November last year. The UK’s data privacy watchdog, the Information Commissioner’s Office (ICO), will have to find another £42.8 million.

McNally claimed the changes would pose a serious threat to UK SMEs too. “Above all, we are keen for any new proposals do not place onerous burdens on small and medium-sized enterprises,” he added.

“They are the backbone of the economy, in this country and across the EU… we must seek to minimise and new restrictive requirements on small firms.

“Incredibly, the Commission claims their proposals will actually help small businesses by simplifying the law.

“I’m all for simplification, but this isn’t it. SMEs on the whole tend to operate within countries and won’t see the benefits of cross-border simplification.”

Opponents of the current draft legislation appear to be gaining supporters amongst European officials. The European Parliament’s Committee on the Internal Market and Consumer Protection (IMCO) recently voted in favour of relaxing the laws, and there was evidence MEPs were copying businesses’ suggestions into their recommendation documents.

David Smith, deputy commissioner of the ICO, which also has problems with how prescriptive the legislation is, said “discussions were going in the right direction”.

An agreement is expected before the end of the year, which could mean official European law will be enshrined in the middle of next year.

The European Commission had not responded to a request for comment at the time of publication.

Are you a pedant on privacy? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

View Comments

  • The debate about the regulation of data and the privacy of individuals reminds me of the same contest around regulation that finance has endured...and we all know how that ended.

    It is a shame that the UK would want to join the US in reducing the level of protection the individual should be afforded and the care a digital service providers should take.

    The Anglo-saxons have an overly long history championing the rights of the corporation and free market economics. The prostitution of people's data will soon reach an inflection point and generations of youngsters have yet to experience the collateral damage of indiscretions from an earlier era in their lives.

    Would love to know Lord McNally's economic interests?

    • So Agree george.

      There was a time when governments planned for their childrens future....all I see is a cultural shift towards privacy oblivion online.

      However, while I'd like to see regulation improved, big business pays the piper and McNally dances to their tune, and ever will it be thus, because we vote in weak minded buffoons like him.

      The only real way to change this is for entrepreneurs to create real non-invasive online tools and encourage users to use them...once consumers shift their behaviour so will the Googles and Amazons and BTs of this world and so will the McNallys who can then feel able to stand up and be counted.

  • While I believe the move of the Lord is fine, it comes a bit late. The Commission presented its proposal more than one year ago, it is now in the parliament deliberations.

    An opportunity would be to make it a regulation specifying "minimum requirements". That means while still directly applicable in all member states it takes the main advantage of a regulation, uniform rules and preserves flexibility of member states. A change of process is technically difficult and the disadvantage of a directive is that it requires national statutory implementation.

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

2 days ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

2 days ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

2 days ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

3 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

3 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

3 days ago