The passing of the US Patriot Act has thrown the differences between the American approach to privacy into sharp relief against European legislation. The casualty is the Safe Harbor agreement that exists between the two international entities.
According to Safe Harbor, the privacy laws of the customer’s registered country of origin will be applied to any data wherever it is stored. The Patriot Act states that US authorities can access any data stored in the United States or anywhere in the world by a US company.
The Patriot Act, however, appears to include data stored by an American company on behalf of a European firm. This breaches Safe Harbor as it stands and could threaten the adoption of US cloud services by European businesses.
What is certain is that social networks will be put under pressure because safeguards for users will be enshrined in the new laws.
At the beginning of this month, announcing the start of the initiative to update the Data Protection Directive, vice-president Viviane Reding, EU commissioner for Justice, Fundamental Rights and Citizenship, said, “The protection of personal data is a fundamental right. To guarantee this right, we need clear and consistent data protection rules. We also need to bring our laws up to date with the challenges raised by new technologies and globalisation. The Commission will put forward legislation next year to strengthen individuals’ rights while also removing red tape to ensure the free flow of data within the EU’s Single Market.”
In an outline of these new data protection challenges, the EC said it is considering regulation to ensure that social network users can access, delete or change entries that they may have made in the past. It also upholds the “right to be forgotten”, a move already criticised by Facebook, so that when a user leaves a service all previous records created during their membership will be erased or, if preferred, transferred to a new service.
This will have a major effect on Facebook, Twitter, Google+ and other social media and search engines which will have to develop tools and functions to comply. It will prevent rash words from the past being dredged up and used against individuals later in life.
The implication is that the directive, which has been applied according to each country’s interpretation, will become a fixed set of laws to be enforced as written to ensure a level playing field across the EU.
The most telling and possibly controversial section states that the new regulations will be geared towards: “Ensuring high levels of protection for data transferred outside the EU by improving and streamlining procedures for international data transfers. The EU should strive for the same levels of protection in co-operation with third countries and promote high standards for data protection at a global level”.
If the laws do not align with other countries there could be fireworks – and the current Patriot Act cuts across existing principles on data protection. In the US, the state has every right to access any data of a US citizen or registered company, at home or abroad, without their permission and even without their knowledge.
This could be the sticking point and the EC is further revising data protection rules in the area of police and criminal justice. An individual’s personal data will be protected in these areas.
“Under the Lisbon Treaty, the EU now has the possibility to lay down comprehensive and coherent rules on data protection for all sectors, including police and criminal justice. Naturally, the specificities and needs of these sectors will be taken into account. Under the review, data retained for law enforcement purposes should also be covered by the new legislative framework.”
The Commission is also reviewing the 2006 Data Retention Directive, under which companies are required to store communication traffic data for a period of between six months and two years. In what way, the Commission has not said but more will be revealed in January and the changes are due to be set before the European Parliament before the middle of 2012.
The US is already rattling its sabre, declaring the changes as being mere protectionism, of European cloud markets in particular. This does not bode well for an harmonious New Year.
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…