Slashdot Mirror
New EU Legal Privacy Framework: We're Not Kidding
An anonymous reader writes "Viviane Reding, Vice-President of the European Commission announced today a new regulation for data privacy in Europe (PDF) in replacement of a 1995 Directive. Recently, privacy laws have been under a lot of criticism for their practical inability to ensure a high level of protection to EU citizens. The new data privacy framework will bring a lot of changes: 24 hours security breach notifications, mandatory security assessments, end of notifications to local data privacy agencies, mandatory data protection officers and huge administrative fines: up to 2% of the annual worldwide turnover (that would have meant $1.2 Billion for Microsoft in 2008). Indeed that's 'the necessary "teeth" so the rules can be enforced.'"
No it can't just be ignored. If these laws pass, every EU country will be forced to implement them. The European Commission has very sharp teeth indeed on stuff like this, and does not take kindly to companies trying to ignore its rules.
That's roughly what a lot of people said before the EU went after Microsoft for anti-competitive behaviour, too. More than $1,000,000,000 in fines for defying sanctions later, those people had changed their tune.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Well the obvious answer is that they can't if it really has no EU ties, just like they can't do anything about sites outside the EU hosting child porn currently.
But that's just the way the world works, it's designed with that knowledge, but it wont protect companies like Facebook, Google, Apple etc. as they do have a prescence, and even if they withdrew that prescence they could potentially still harm those companies by preventing EU firms advertising with them for example.
I'm sure firms will argue it'll cause some competitive disadvantage, but I'm not convinced that's true- I'd argue the opposite if anything, users across the globe should feel far more comfortable using companies that adhere to these rules, than those that don't.
So I don't really see how it'll be a failure, it'll force all major online firms to adhere to it because they do have an EU prescence, and from there anyone else that doesn't comply will have the disadvantage of being much less attractive to customers. Who wants their data held by some fly by night company that has no restrictions on what it can do with that data when they can instead use a company with more ethical rules surrounding what it can and will do with your data?
Perhaps you haven't noticed, but being associated with Big Media is pretty much toxic for politicians right now.
Oh, and also in case you hadn't noticed, the EU hasn't actually signed ACTA yet. Technically they have until March next year, IIRC, though I expect someone will try to sneak it through in the very near future before the politicians realise it's too close to SOPA and PIPA (in some respects) and likely to cause similar grief.
Also, while the European Commission (the unelected guys who seem to be behind the secret negotiations) still publicly support ACTA, whether they can get it through the European Parliament (the elected guys who recently got new teeth under the Lisbon Treaty and seem to be enjoying exercising their powers) is a different question.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
My only dissapoint is the constant bandying about of the fines thing. They point out that 2% is massive in monetary value, well yes, it can be, but it's not enough of a deterrent.
In the UK, for companies like Phorm, and ACS:Law, this would be zero deterrent to what they did, the fines shouldn't be capped percentage wise, as only a fine of perhaps 80% of annual revenue would've been enough to make Phorm and ACS:Law start behaving. The $1.2bn figure for MS sounds a lot less scary when you consider for someone like Andrew Crossley at ACS:Law who really has been in gross breach of the UK's data protection act, were he bringing in £250,000 a year with his personal one man business, would only see a fine of £5000, still leaving him £245,000 to take home. Where the fuck is the deterrent in that? You could write it off as the cost of doing business and just carry on doing it.
Jail terms for owners/execs, or completely uncapped fines left to the decision of the judge as to what size fine to levy would be the only real deterrents. That's the biggest problem I see with this proposed law - there's no worthwhile deterrent for companies with no positive image to protect (e.g. Phorm) in the fines, they're toothless as proposed right now.
Although repeated infringements can quite easily ruin a company, and that is the intent of the law: companies should never be in the situation of deciding that ignoring a law and regularly paying the fines is just the cost of doing business.
I am TheRaven on Soylent News
And yet somehow, bureaucratic oppressive Europe got awesome privacy legislation. What did the democratic land of the free get? SOPA.
Life is good here in the socialist hellhole. ;-)
Every time I see that measured, it consistently shows the US having the least social mobility of all developed nations. For example, here: http://ftp.iza.org/dp1993.pdf and http://wrap.warwick.ac.uk/81/
I do often see the claim that the US has an advantage here, but I have never, ever seen it backed up, while I have seen the counterclaim backed up.