Building consumer trust is key to new EU data protection rules. This was the broad consensus of senior European politicians and representatives of the industry and civil society at an event organised by European Voice on 26 March. This was the third in a series of Brussels debates supported by Telefónica on the theme of consumer trust and confidence in the digital environment.
Viviane Reding, the European Commission vice-president responsible for justice, fundamental rights and citizenship, told a packed conference room that the EU’s existing rules, which date back to 1995, needed to be updated to reflect the importance of the internet to citizens and business.
Reding, who put forward reform proposals in January 2012, said that reforms should be approved by the current European Parliament before it heads into elections in May 2014.
As a strong advocate of high standards of data protection, Reding urged policy-makers to go full speed ahead. ''Those who want to maintain a high level of protection in Europe have recognized the need to move fast,'' she told some 150 guests at the conference. ''Those who want to lower the level of protection in Europe have tried to slow the file down. The first category is in the lead.'' Yet, that is not always as clear as the defenders of strict protection regulation might hope.
Seán Kelly, an Irish MEP who drafted the EP’s industry and research committee’s report on the proposals, said there could be problems with this ambitious timetable. ''That is a tall order,'' he said, even though he did not exclude it could be done. Kelly said that he had to deal with over 900 amendments as the industry committee worked overtime to push through the dossier.
Now the file is in the hands of the Parliament’s civil liberties, justice and home affairs committee, where just under 3,000 amendments have been tabled and a vote originally planned for April has been postponed until the end of May.
Even more important was the question of consent, and there, industry joined civil society in stressing that consumers had to have full trust in new data protection rules.
Ronan Dunne, chief executive of Telefónica UK, said: “'If we get it wrong, not only will customers not want to use these new services, but then they simply opt out and stop embracing digital services altogether.'' He said that his company was actively seeking to engage its customers in confidence-building measures, offering informed choice and meaningful options and laying out the mutual benefits. This would enable consumers to choose how much personal data can be used over and above the core services. Pro-actively engaging consumers so they understand the benefits of sharing data was much better than asking for consent just by ticking a box on a screen, he said.
Reding said under the proposed new rules consent should be “explict” rather than ''unambiguous” as the current legislation states. She countered those who warned that this could lead to multiple layers of steps for consumers to perform to confirm consent to their data being used. ''Computers overheating because of hundreds of pop-ups on the screen?'' This would not be the case, she said. Reding said there were plenty of checks and balances to keep rules from becoming an excessive burden.
Joe McNamee, executive director of European Digital Rights (EDRi), a group of 32 privacy and digital civil rights groups across Europe, said he found himself ''in the strange situation of echoing much of what the previous speakers were saying”'. He insisted though that EU citizens were still on very thin ice when it came to their fundamental rights. In a thinly veiled reference to U.S. digital giants, he said that multinationals were still ''investing huge sums in trying to maintain a status quo that has been very good to them.'' He chided EU officials for being too optimistic in their assessments of the challenges ahead, insisting many fundamental rights were still under threat.
Speakers agreed that it is a major challenge to achieve a common set of rules for data protection in all 27 EU member states. Creating a level playing field with the US would take even longer, Telefónica’s Dunne said.
''Whether we end up in the situation of completely the same regime across all of the big regions, I think will probably not be in the lifetime of this CEO,'' said Telefónica's Dunne. ''But, it is probably an aspiration we should not lose sight of.''
This event was a perfect opportunity for Telefónica to present Vice-president Reding with a copy of its recent publication, “Privacy and Security over the Network: regulation and markets”, to which she had contributed. It brings together expert contributions reflecting EU and US perspectives from business, politics and academia and can be downloaded here.