The European Parliament’s Legal Affairs Committee (JURI) has adopted its Opinion on the Data Protection Regulation. Even though the adopted text has fatal flaws, it represents a significant improvement compared with the Opinions adopted in other committees. Despite the avalanche of lobbying by a section of industry, business associations, “SME associations” funded by big business, “independent” associations funded by big business and lobbying by the US government, this change is a remarkable tribute to the impact of citizens having their say in Brussels. It also shows that the momentum is slowly moving towards more coherent support for privacy in Europe.
One example of this change of direction is “data portability”. The European Commission has proposed that people should have the right to obtain copies of their data – in an interoperable format – so that they can more easily change from one service to another. The conservative Parliamentarian in charge of the dossier in JURI, Marielle Gallo, initially proposed deleting this entire provision. In the end, she backed down and supported this proposal.
Compared with the approach adopted by the Internal Market and Consumer Protection (IMCO) Committee the text is an unquestionable improvement. While IMCO’s Opinion would have allowed “pseudonymous” data to be processed without appropriate safeguards, JURI’s text is not quite as fundamentalist. Similarly, while the IMCO Committee deleted all the safeguards aimed at protecting individuals from profiling of their personalities and behaviour by companies, JURI kept some (albeit inadequate) protections.
Unfortunately, the JURI Opinion is probably still so bad that it would be in breach of the European Charter of Fundamental Rights. For example, it would allow companies to profile the personality and habits of individual, without their consent, if those companies felt that they had a “legitimate interest” that was more important than the privacy of the individual. It would also permit the “legitimate interest” exception to be used to process data for purposes that are incompatible with the original purpose of the data collection – destroying the control of the individual over their personal data, which is the very essence of the right to data protection.
The vote in the Civil Liberties Committee (LIBE) is now on the horizon, probably in May. We finally have some momentum – we have just a few weeks to rescue our right to privacy, to rescue Europe’s leading role in the support of privacy and freedom of communication around the world, to save the European Parliament from destroying our rights in the European Year of the Citizen.
IMCO Opinion: http://dpreform.files.wordpress.com/2013/03/imco_ad2013496497_en-1.pdf
JURI Opinion: (official text will not be available for approximately two weeks). This article is based on EDRi’s note-taking during the vote.
Parltrack dossier: http://parltrack.euwiki.org/dossier/2012/0011%28COD%29