EU governments approve privacy text that threatens online business
Posted on: Monday 15 June 2015
EU Justice ministers endorsed their version of new privacy rules that could hamper the data-driven advertising that funds much of the Internet.
The blunt-instrument approach in the current review threatens to hobble a sector that continues to show strong growth, without achieving meaningful privacy improvements for EU consumers.
Ministers signed off on a “general approach” after three years of discussions. This text now must be negotiated with the European Parliament and the European Commission to agree on a final law.
Three points of the text represent serious cause for concern:
• The future regulation looks like placing additional restrictions on companies’ ability to process data, making the new rules more restrictive than those now in force. For example, several provisions of the text, taken together, may outlaw the processing of aggregated customer data that provides advertisers crucial information about the effectiveness of their ads. Ironically, this means a review intended to adapt EU rules to the Internet age may instead wind the clock back.
• The new text exposes companies for the first time to the risk of punitive fines in case of even inadvertent breach of the rules – including for data processing that causes no meaningful privacy risk to users.
• Ministers gutted the “one-stop shop” principle that was the centre-piece of the original proposal. Instead of dealing with 28 different national privacy regulations, businesses were supposed to be allowed to work with a single data protection authority in the country where they are headquartered or have their main European base. This one-stop shop would have increased efficiency and represented a major advance in Europe’s quest to create a functioning digital single market. But today's text gives any “concerned” authority the power to object to a decision taken by another national regulator.
“The current approach is blunt and indiscriminate – a far cry from the supposed objective of making EU rules fit for purpose in the Internet age”, warned Townsend Feehan, CEO of IAB Europe. “The future regulatory framework needs to enable digital advertising to fund the informational, educational, entertainment and E-commerce services that European users enjoy online at little or no cost. That is not what is on the table right now. It is no exaggeration to say that a draconian regulation could drive small and medium-sized companies responsible for much of the innovation we see in the industry today out of Europe.”
“Users do need transparency and choice about the processing of their data online, including for advertising”, notes Feehan. “IAB Europe members are working hard to explain complex privacy policies. They are trying to help users learn as much, or as little, as they want to about how the technology and business models work. They are committed to effective self-regulation, which can adapt faster than the law to the changing landscape and consumers’ evolving needs.”
"We hope that the upcoming negotiations on the final law will take account of these concerns and allow digital advertising to continue to be a motor for Europe’s Digital Single Market and global competitiveness."
Data is key for digital innovation and digital innovation is key for growth and jobs. Online advertising spend in Europe is growing fast, up 11.6% in 2014 to EUR 30.7 billion compared to EUR 27.4 billion in 2013. Revenues have more than quadrupled since 2006 - while the overall European economy has stagnated.
A data protection regime that is more constraining than the current law, dating from 1995, would undermine Europe’s ability to benefit from the digital revolution, and needlessly handicap dynamic EU-based SMEs that are trying to compete in the global marketplace.