EU justice ministers meeting in Luxembourg on Monday voted through the latest stage in new legislations designed to protect personal data under the General Data Protection Regulation. It was purported to modernize EU-wide data protection regulations.
Instead, however, critics say the objective of modernization has not been achieved and its key elements have been weakened to the point of meaninglessness. Rules on data breaches, privacy by design and, especially profiling, are far too weak and unclear.
Factsheet: Stronger data protection rules for Europe #EUdataP pic.twitter.com/PtoeuCdmCJ
— European Commission (@EU_Commission) June 15, 2015
Joe McNamee, Executive Director of European Digital Rights said:
#Privacy and Data Protection under threat from EU Council agreement https://t.co/sFihBKZ1Eo #EUdataP @privacyint pic.twitter.com/QIKrWMOciC
— EDRi (@edri) June 15, 2015
"The Council's position is a mixture of reckless disregard for citizens' fundamental rights and pandering to special interests that led to draft legislation where the number of exceptions is higher than the total number of articles in the previous Directive," McNamee told Sputnik.
Fundamental Principles Disemboweled
Anna Fielder, Board Chair of Privacy International, told Sputnik: "If the purpose of this reform was to strengthen people's control over their personal information and improve enforcement, our governments have achieved the exact opposite.
Privacy and Data Protection under threat from EU Council agreement | @edri https://t.co/i5HJGkQsjW pic.twitter.com/T4507wMz9L
— PrivacyInternational (@privacyint) June 15, 2015
"The Council's revisions to the draft data protection Regulations have done their best to disembowel some of the fundamental principles and further disempower individuals and their representatives by weakening rights."
"Moreover, any notion of harmonized, predictable rules across the Union have gone out of the window; in over a quarter of all the articles of this Regulation individual governments can develop their own rules," she said.
EU's new data protection rules will "kill cloud computing" in Europe, warn Amazon, Cisco, IBM and SAP http://t.co/BB2vNro409
— Pim de Wit (@pimdewit) June 16, 2015
Both organisations say the existing Directive consists of 34 articles. The Council's position has 48 exceptions where Member States can "do what they want, not including the broadening of the list of exceptions provided for in Article 21.
"In fact, Article 21 has broadened government powers so much that they can effectively run a coach and horses through all the rights and protection in this piece of legislation and render it null and void."
