European Union nations should stop dragging their feet over an “urgent” overhaul of data protection rules that would foist tough constraints on U.S. tech companies, the bloc’s top privacy watchdog said.
Jacob Kohnstamm said he was making a “cry from the heart” after EU leaders last week dropped a 2014 deadline to toughen the bloc’s data privacy laws even as they condemned allegations that the U.S. National Security Agency eavesdropped on world leaders including German Chancellor Angela Merkel.
“Looking at the NSA issue and all that goes with it, and looking at the near monopolies or monopolies of big U.S. companies on the Internet” and then “the fundamental right of data protection in Europe, it makes the sense of urgency to get the EU general data protection framework accepted so clear to me,” Kohnstamm, the head of the group of EU privacy watchdogs known as the Article 29 Data Protection Working Party, said in an interview.
EU leaders bowed to U.K. demands for a slowdown in adoption of the data-protection law to consider the effect of the legislation on businesses, dropping the deadline in favor of a pledge to introduce the plans in “timely fashion.” The overhaul of the privacy law could result in U.S.-based companies including Google Inc. (GOOG), Facebook Inc. (FB), and Apple Inc. (AAPL) facing fines as high as 100 million euros ($138 million) for data-protection violations.
The privacy overhaul would target companies that handle information about EU citizens, even when data processing takes place outside the 28-nation bloc -- such as in the U.S.
The U.K. has been blocking a tightening of the draft rules that were first proposed by EU Justice Commissioner Viviane Reding in January 2012 over concerns it will burden and ultimately harm businesses with too much regulation.
Google and Microsoft Corp. (MSFT) have been among U.S. companies to warn the EU against “overly strict” data curbs that may harm technology development.
“The British say that red tape should be reduced,” said Kohnstamm, who is also in charge of the Dutch data protection authority. Yet, “whatever movement is being done toward them, the British won’t want this anyway.”
The draft law “could end up costing U.K. businesses -- as well as those of our counterparts in Europe -- hundreds of millions of pounds every year, strangling them with red tape,” Chris Grayling, the U.K. justice secretary, said in an e-mailed statement.
“We are negotiating hard to make sure any law is good for business and citizens -- otherwise we will pay the price in jobs later,” Grayling said.
Rather than delaying the rules, Kohnstamm said the case for speedy adoption is “bigger and more forceful” after details emerged of widespread snooping by U.S. security services.
German Chancellor Merkel and French President Francois Hollande called last week for closer cooperation on espionage after documents gathered by former NSA contractor Edward Snowden revealed U.S. authorities hacked Merkel’s mobile phone in 2010. Mexico is probing allegations of U.S. eavesdropping on former President Felipe Calderon.
Reding yesterday warned the U.S. that the spying scandal risks hampering efforts to seal a trans-Atlantic trade pact.
The European Parliament, which has already endorsed the revamped EU data law, “may decide to reject” the trade accord if trust isn’t restored between the two blocs.
“Once a single, coherent set of rules is in place in Europe, we will expect the same from the U.S.,” Reding said in a Washington speech. “Control of every movement, every word or every e-mail made for private purposes is not compatible with Europe’s fundamental values or our common understanding of a free society.”
To contact the reporter on this story: Stephanie Bodoni in Luxembourg at email@example.com
To contact the editor responsible for this story: Anthony Aarons at firstname.lastname@example.org