European Parliament data proection rapporteur Jan Albrecht was photographed last week in a drinking duet with Justice Commissioner Viviane Reding. Can he make it a trio with the Council? That is the key question for today’s vote in the Civil Liberties Committee.
***Update: 19.11 21 October - the Libe committee have just approved the Albrecht report with all compromises, and the Council (trilogue) mandate - 51+ 1- The Droutsas report on data protection and law enforcement was also adopted with a smallermajority 29+ 20-****
Jan Albrecht is clearly under pressure, as evidenced by a statement he has placed on a Green Party website regarding the possibility of trilogues, which he is recommending to his committee. It’s also
evidenced in his diplomatically worded description of his ambition “update and strengthen data protection for citizens and create a secure business environment”.
Whilst the citizen community is placing great faith in Mr Albrecht, and his review of European data protection law, this is an indication that he has had to make political compromises that take account of the interests of industry. It would be useful to have those compromises highlighted, with the boundary lines drawn.
His request for a mandate for trilogues on the General Data Protection Regulation, indicated before the summer holidays (see Closed-door trilogues are on the data privacy agenda ) raised some serious questions. As a Green, he is supposed to stand for transparency in policy-making, and trilogues are notoriously non-transparent. (see Cloak of secrecy hangs over EU privacy reform ).
He states that all texts from the Data Protection Regulation trilogues will be distributed to the Civil Liberties committee and all Committee meetings will be web streamed. We will wait and see.
The interesting thing about the photograph of Mr Albrecht with Viviane Reding, is that Mr Albrecht is a Green, and Viviane Reding is EPP. Usually, they would be drinking in quite different establishments. It suggests an unusually chummy relationship between the Parliament and the Commission – perhaps because both need each other.
Mr Albrecht of course, wants the kudos of getting the Data Protection Regulation adopted before the 2014 European elections.
Viviane Reding is as keen as Mr Albrecht to get the Data Protection Regulation adopted in that timescale. She has been quietly courting the German CDU, to bring them over to a stronger line on privacy, and in doing so she has leveraged the German public opinion that is concerned about mass-scale espionage using online data.
That all would seem to have worked to Mr Albrecht’s benefit. Having the European Commission publicly on his side will be an internal PR coup, and helpful potentially in bringing on board the support of the German government in the Council.
But is his confidence, expressed publicly in his media interviews, actually a little shaky underneath? In his website statement, he hints at the likelihood of second reading, and further trilogue negotiations, which would preclude an outcome occuring before the European elections.
“However a first reading agreement is not a foregone conclusion. If the Council does not offer us a good deal I will recommend MEPs to confirm the LIBE report in plenary and launch second reading negotiations.”
The Council remains divided over the Data Protection Regulation, especially between the Germans and the British (see also Germany v Britain tussle over new EU data privacy rules.) It has yet to draft its own first reading text, which it can only do when it gets a text from the Parliament. Hence, there are still big question marks hanging over the albrecht report and its chances of being adopted in 2014. The issue for the Civil Liberties (LIBE) committee is whether it's better to go in now and negotiate, bearing in mind that this is unusual, although permitted process - or is it better to establish a position in the plenary, and go in to the trilogue negotiation potentially with a stronger position?
There are a number of questions raised by Mr Albrecht’s proposed compromises on the General Data Protection Regulation. Here are just a few of them:
1 . Opt-in or opt-out - Mr Albrecht has publicly said that the directive states where an op-in or an opt-out is required. To me, it looks like there is an opt-in for profiling, but an opt-out for online behavioural targetting. This is not the same as ‘direct marketing’ – or is it? This should be clarified.
2. A new regime of icons will be created – websites will have to display icons - it really is not clear what the practical implications of this are. For someone running a small website, it sounds like an onerous obligation, and, depending on implementation, it’s one that could entrench monopolies. This should be questioned hard and clarified.
3. The regulatory regime – Mr Albrecht appears to have come down in favour of the ‘main establishment’ principle. The principle, and how it would operate in practice, should be clarified.
4. Consistency with the e-Privacy directive. A question raised by industry. This may well be outside the scope of the Data Protection Regulation, but the issues should be clarified.
5. Third-party transfer – this relates to behavioural targetting and profiling and is important because much of this type of processing is done by third-party specialist companies.
6. Sanctions – 5% of revenue – can they really mean this? If you are trying to knock Google and Facebook, maybe, but what about an SME business? I just ask the question.
Want to know about trilogues and the European Parliament process? See my book The Copyright Enforcement Enigma Internet politics and the Telecoms Package (Amazon have some very keen prices on it too!)
This is an original article from Iptegrity.com and reflects research that I have carried out. If you refer to it or to its content, please cite my name as the author, and provide a link back to iptegrity.com. Media and Academics – please cite as Monica Horten, 2013, EU privacy under pressure: how positive are the compromises? In Iptegrity.com 21 October 2013. Commercial users - please contact me.