Ready to Rumble?

This morning I attended a lecture given by European Commissioner Viviane Reding – and I have to say I was impressed. The lecture was at my old Alma Mater, the LSE, with the estimable Professor Andrew Murray in the chair, and was officially about the importance of data protection in keeping businesses competitive – but in practice it turned about to be a vigorous defence of the new Data Protection Regulation. Commissioner Reding was robust, forthright – and remarkably straightforward for someone in her position.

Her speech started off by looking at the changes that have taken place since the original Data Protection Directive – which was brought in in 1995. She didn’t waste much time – most of the changes are pretty much self-evident to anyone who’s paid much attention, and she knew that her audience wasn’t the kind that would need to be told. The key, though, was that she was looking from the perspective of business. The needs of businesses have changed – and as she put it, the new regulation was designed to meet those needs.

The key points from this perspective will be familiar to most who have studied the planned regulation. First and foremost, because it is a regulation rather than a directive, it applies uniformly throughout the EU, creating both an even playing field and a degree of certainty. Secondly, it is intended to remove ‘red tape’ – multinational companies will only have to deal with the data protection authorities in the country that is their primary base, rather than having to deal with a separate authority for each country they operate in. Taken together, she said that the administrative burden for companies would go down by 2.3 billion Euro a year. It was very direct and clear – she certainly seems to believe what she’s saying.

She also made the point (which she’s made before) that the right to be forgotten, which has received a lot of press, and which I’ve written about before (ad nauseam I suspect), is NOT a threat to free expression, and not a tool for censorship, regardless of how that point seems to be misunderstood or misrepresented. The key, as she described, is to understand that no rights are absolute, and that they have to compete with other rights – and they certainly don’t override them. As I’ve also noted before, this is something that isn’t really understood in the US as well as it is in Europe – the American ‘take’ on rights is much more absolutists, which is one of the reason they accept as ‘rights’ a much narrower range of things that most of the rest of the world.

I doubt her words on the right to be forgotten will cut much mustard with the critics of the right on either side of the Atlantic – but I’m not sure that will matter that much to Commissioner Reding. She’s ready for a fight on this, it seems to me, and for quite a lot else besides. Those who might be expecting her to back down, to compromise, I think are in for a surprise. She’s ready to rumble…

The first and biggest opponent she’s ready to take on looks like being Google. She name-checked them several times both in the speech and in her answers to questions. She talked specifically about the new Google privacy policy – coming into force today – and in answer to a question I asked about the apparent resistance of US companies to data protection she freely admitted that part of the reason for the form and content of the regulation is to give the Commission teeth in its dealings with companies like Google. Now, she said, there was little that Europe could do to Google. Each of the individual countries in the EU could challenge Google, and each could potentially fine Google. ‘Peanuts’ was the word that she used about these fines, freely acknowledging that she didn’t have the weapons with which to fight. With the new regulations, however, they could fine Google 2% of their worldwide revenue. 560 million euro was the figure she quoted: enough to get even Google to stand up and take notice.

She showed no sign of backing down on cookies either – reiterating the need for explicit, informed consent whenever data is gathered, including details of the purposes to which the data is to be put. She seemed ready for a fight on that as well.

Overall, it was a combative Commissioner that took to the lectern this morning – and I was impressed. She’s ready for the fight, whether businesses and governments want it or not. As I’ve blogged elsewhere, the UK government doesn’t share her enthusiasm for a strengthening of data protection, and the reaction from the US has been far from entirely positive either. Commissioner Reding had a few words for the US too, applauding Obama’s moves for online privacy (about which I’ve blogged here) but suggesting that the US is a good way behind the EU in dealing with privacy. They’re still playing catch-up, talking about it and suggesting ideas, but not ready to take the bull by the horns yet. We may yet lead them to the promised land, seemed to be the message…. and only with her tongue half in her cheek.

She’s not going to give up – and neither should she, in my opinion. This is important stuff, and it needs fighting for. She’s one of the ‘Crazy Europeans‘ about which I’ve written before – but we need them. As @spinzo tweeted to me there’s ‘nothing more frightening than a self-righteous regulator backed by federal fiat and federal coffers’ – but I’d LIKE some of the companies involved in privacy invasive practices around the net to be frightened. If they behaved in a bit more of a privacy friendly way we wouldn’t need the likes of Commissioner Reding to be ready to rumble. They don’t – and we do!

3 thoughts on “Ready to Rumble?

  1. Paul,
    Interesting blog layout and background, though I prefer the austere view stripped of all formatting, which is how the mobile site looks. In any case, what matters is the content. 🙂

    I have two points on the issue of rights and personal information. In the United States, the political system is based explicitly on a belief, which is often forgotten or overlooked because of the tensions it creates, on natural rights. The American founders explicitly created the country upon the idea of the laws of nature and nature’s god. As such, the view of what constitutes a “right” moves well beyond positive law, which is the basis for much of Europe’s modern law. The UK is a compromise in that it has the common law tradition.

    Second, we need stronger or more robust regulators in this area because of what privacy means. In reality, we are past the age of privacy and it is unlikely to return. Instead, what we are embarking on is a new era of profiting directly from personal information. In the past, marketing drew upon personal information in a secondary way, i.e. market segmentation and other devices to improve marketing. The personal information revolution means that the actual personal information becomes a huge commodity, which is what Google and Facebook want to harvest. Imagine that all your contacts and links for sale. In the past, a company’s client list was a well guarded secret and protected with robust legal defences. Now, put a person in place of the company and we see the opportunity for commercial exploitation.

    In such a world, we need a strong regulator. Yet, they will actually be weak and relatively benign despite the rousing lecture. Why? Governments are now getting in the business of harvesting and selling personal information. They are going to get in the same business (in many cases they already are in that business) that Facebook and Google are doing already. As I argued elsewhere, this is already happening.
    To put it differently but directly, Tesco’s clubcard is turned inside out with Facebook’s databases, and it finds its fullest expression in a government’s census. Who will be able to argue with a government that wants to create business and jobs when they look to exploit the census for such potential? What regulator is going to be able to stop them when the public are already being habituated, through loyalty cards and Facebook and Google, to share their personal information and allow it to be exploited?

    We are living in exciting times with personal information and the management revolutions.

  2. Thanks Lawrence – really excellent stuff. I think the differences in the approaches to rights between the US and Europe are going to really become important over the next few years. I have a feeling neither side really understands that the other side sees it differently!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s