By Kirsten Fiedler

On 30 June 2014, Germany’s Minister of the Interior Thomas de Maizière announced an initiative to help move forward the proposal for a General Data Protection Regulation. EDRi applauds this “initiative”, which comes after Germany has worked assiduously to stop progress in the Council. According to internal Council documents obtained by the Spiegel in December 2013, Germany was one of the countries actively seeking to water down and delay the reform. Now, finally, Germany seems to be willing to move forward.

In his statement, the German Minister announces the submission of concrete proposals to the Italian Presidency in order to discuss points where the Council was not able to reach a common position until now. With regard to transfers of personal data to third countries, de Maizière states that

Within the context of the NSA debate, Germany had put forward a proposal for Article 42a. (Original: “Den Vorschlag für einen entsprechenden Art. 42a hatte Deutschland im Zuge der NSA-Debatte eingebracht.”)

Great – but we already know that it was the European Commission that put forward the original proposal on Article 42, a full eighteen months before the NSA affair. How could Germany have possibly been the origin of the proposal (now as Art. 42a), as the Minister suggests?

The European Commission made a specific anti-spying proposal in its original draft, which was “leaked” during the final stages of the drafting process. As a result of the leak, after heavy lobbying from the US Department of Commerce, the Commission’s proposed Article 42 was abandoned. Commission President Barroso was reportedly afraid of upsetting the USA before the launch of the TTIP negotiations. In January 2012, the European Commission launched its weakened draft Regulation.

Then, in October 2012, eight months before the first Snowden leak, EDRi published the platform ProtectMyData.eu, where we made suggestions to improve the Commission text – including an amendment to re-insert Article 42 into the Regulation.

Subsequently, the Member of the European Parliament in charge of the Regulation, Jan Philipp Albrecht, tabled a similar amendment in his draft report (as Art 43a new) in November 2013, eight months before de Maizière’s letter to the Italian Presidency.

So, maybe the Minister is not aware of the fact that the proposal was made two and a half years ago. Maybe the Minister is not aware of our campaign to have the text put back into the Regulation months before the Snowden leaks. Maybe the Minister was not aware of the fact that the proposal was made in the European Parliament long before the Snowden leaks. Or maybe 42 is the answer. After all, we do not wish to accuse him of lying.

Release: Launching an initiative to General Data Protection Regulation (30.06.2014)
http://www.bmi.bund.de/SharedDocs/Kurzmeldungen/DE/2014/06/initiative-zur-datenschutz-grundverordnung.html

Leaked internal draft of the data protection regulation (December 2011)
http://statewatch.org/news/2011/dec/eu-com-draft-dp-reg-inter-service-consultation.pdf

EU Council: German officials are slowing down European data protection rules (02.12.2013)
http://www.spiegel.de/netzwelt/netzpolitik/deutsche-beamte-bremsen-europas-datenschutz-aus-a-936704.html

US lobbying against draft Data Protection Regulation (22.12.2011)
http://edri.org/us-dpr/

EDRi proposal for the re-introduction of Article 42 (October 2012)
http://protectmydata.eu/articles/articles-41-50/article-42/

Letter by NGOs to the EU Council: International Data Privacy Day: We remind the European Council of our rights (28.01.2014)
https://www.accessnow.org/blog/2014/01/28/international-data-privacy-day-we-remind-the-european-council-of-our-rights

42
http://hitchhikers.wikia.com/wiki/42