Is data privacy in the EU facing a red alert situation?

Industry proposals have found their way verbatim into MEPs’ tabled amendments

“There’s no jobs benefit for a country in allowing an airline to overcharge people for a flight because they’re allowed to collect enough data to know who the passenger is and where they need to be on a given day,” said Max Schrems, an Austrian campaigner and part of the Lobbyplag group.
“There’s no jobs benefit for a country in allowing an airline to overcharge people for a flight because they’re allowed to collect enough data to know who the passenger is and where they need to be on a given day,” said Max Schrems, an Austrian campaigner and part of the Lobbyplag group.

Privacy in the EU is facing a red alert, if the privacy campaigners at Lobbyplag. eu are to be believed. That is the impression you could draw from their report analysing the state of play for a new data protection rulebook in Europe.

EU capitals are dismissive, but the timing of their report is no coincidence: talks between member states reach a crucial stage this week in Brussels. EU governments say they are anxious to strike a balance between citizens’ right to privacy and the right of private and public bodies to do business and offer services based on collection of user data.

But Lobbyplag has its doubts about whose interests have priority in the talks. Two years ago it highlighted how many industry lobby proposals for the new data collection regime had found their way – verbatim – into amendments tabled by members of the European parliament, including Irish MEPs.

Now Lobbyplag has turned its attention to the European Council, where member states meet, and 11,000 pages of their confidential documents. The privacy campaigners' view: member state proposals are heavily skewed towards less, not more, privacy. And the three countries doing the most to ensure this is the case, Lobbyplag says, are Britain, Ireland and Germany.

READ MORE

Berlin leads the way, the group says, both in its campaigning fervour and in the direction of its proposals.

Germany wants to change rules limiting data sharing for “specified and explicit purposes”, and to allow sharing with third parties which believe they have a legitimate interest in the data – and without the explicit consent of the original user.

Claim and counterclaim

The data protection debate is a nebulous world of claim and counterclaim. Government negotiators accuse campaigners of painting alarmist images that have little to with the real world. What campaigners fail to recognise, they say, is the obligation on states to ensure data privacy laws don’t come at the cost of law-enforcement, historical research, medical treatment or jobs.

Data privacy campaigners, meanwhile, accuse governments of being disingenuous, by forgetting to mention how liberalising data rules assists private companies in their bid to squeeze as much data – and profit – from their customers.

"There's no jobs benefit for a country in allowing an airline to overcharge people for a flight because they're allowed to collect enough data to know who the passenger is and where they need to be on a given day," said Max Schrems, an Austrian campaigner and part of the Lobbyplag group.

Lobbyplag makes no bones about their report’s weaknesses. It does little to contextualise proposed changes, yet rates all either as good, bad or neutral. Bad proposals were those Lobbyplag viewed as lowering standards by extending extra leeway to companies or lowered data collection limits. Any proposals that reduced data collector obligations to citizens, so-called “data subjects”, were also given a negative rating, as were amendments to ease data transfer with non-EU countries.

Anything that went in the opposite direction was viewed as positive while amendments of unclear effect were viewed as neutral. Though they singled out individual countries in their league table, the group says the real danger to privacy standards is a “death by a thousand amendments” arising from industry lobbying at member state level.

Ireland’s role

Based on the Lobbyplag documents it’s difficult to divine the precise role played by Ireland in the negotiations, in particular whether it deserves its third place in the Lobbyplag league table.

EU partners still praise Ireland’s role in advancing the data protection brief during its 2013 presidency. But others remain uneasy, seeing Ireland has having a pro-business, pragmatic approach to privacy. Thanks to Lobbyplag, however, such stone-throwing from Berlin’s privacy glasshouse can be seen in a different light.

As council talks head to a conclusion, opening a final round of negotiations with the commission and parliament, the negative reaction of member states to Lobbyplag’s report is understandable. But rather than complain about Lobbyplag’s simplistic conclusions from a complex process, why don’t member states step up and shine a light on their talks?