Google, Facebook and other U.S. technology companies have been given a wake-up call with moves by Europe to impose stricter rules on data protection, but have nothing to fear from them, one of the architects of the legislation said.
The European Parliament’s civil liberties committee voted overwhelmingly in favor of a tougher data privacy regime on Monday, including fines of up to 100 million euros for companies that violate the rules, which limit how data is shared with non-EU countries, among other things.
The decision means negotiations with member states should move ahead in the coming months, with the aim of having a new code of conduct agreed by May next year, the first fundamental updating of Europe’s data protection laws since 1995.
As well as stiff fines for companies that break the rules, the new regime would oblige companies to seek consent before using personal information, would block data-sharing with non-EU countries unless approved by an EU data protection supervisor and establish the “right to erasure” – the ability for consumers to request the deletion of their digital trace, including photographs, emails and Internet postings.
Jan Philipp Albrecht, a 30-year-old German from the Greens party, who was the lead parliamentary negotiator on the legislation, said it should serve as a wake-up call for how Google and others use the data they collect, especially in light of the leaks from U.S. data analyst Edward Snowden about U.S. surveillance activities at home and abroad.
“They’ve had a learning process for a long time and now we need to say clearly what the rules are and how they will be applied,” Albrecht said of Google, Facebook, Yahoo! and others that had been compelled to share data with U.S. authorities.
“I think the wake-up call really came with the Snowden revelations. But the new rules don’t just apply to U.S. companies, they apply to companies everywhere around the world, including in Europe, handling European data,” he told Reuters.
Asked if Google and the others had anything to fear from Europe, he replied: “No, I don’t think so. They will be able to do their business as they do today.
“But if they retain data for longer than is necessary, or if they don’t inform consumers about how their data is being used, they will be in violation of the rules.
“If Google just tries to involve consumers in the process and doesn’t hide its intentions or the extent to which personal data are involved, then it will be okay.”
All the major technology companies have lobbied hard against the data protection regulation since it was unveiled in early 2012, concerned that the rules will damage their business model by imposing a costly burden on how they handle data, and their ability to target products and services at consumers.
U.S. authorities are also worried that if Europe establishes a tough new data regime, the tendency will be for countries in Latin America, Asia, the Middle East and Africa to drift towards Europe’s standards so as not to fall behind.
That would leave the United States either having to promise the same level of data protection or lobbying to get countries to lower their standards. An uneven regulatory playing field would make it harder for U.S. and other firms to compete.
Albrecht, one of the youngest members of the 766-seat parliament, said he felt partially responsible for representing a younger generation that has a different attitude towards their personal data and how it should be used or shared.
“We have a different perspective on how we communicate and live together in a globalised digital environment,” he said. “We need to safeguard certain fundamental principles and rights because governments haven’t been engaged on that.”
He sees the United States, which has been the leading advocate of open access to data, a cultural norm that has in many respects helped fuel the growth of companies such as Google and Facebook, slowly changing its attitude.
“There is a move in U.S. society as well about the protection of data and consumer self-determination in the market. We need to reassess the relationship between consumers and companies and the way citizens’ data is used.”
(Editing by Alison Williams)