[Previous] [Next] - [Index] [Thread Index] - [Previous in Thread] [Next in Thread]

Subject: UKNM: EU privacy directive
From: Steve Bowbrick
Date: Mon, 29 Jun 1998 15:42:03 +0100

The EU's new privacy directive will not seriously effect countries with
robust data protection regulation in place - the UK, for instance. At least
not much (fx: lawyer kick-starts motorbike, zooms off towards high court).
The big effect, and the one the American Federal Trade Commission and
Commerce Department are exercised about, is likely to be the injunction
against the export of legally captured data to countries with 'inadequate'
regulation - the USA, for instance.

This will, in principle, make it illegal for US companies to ship employee
data from European branch offices to the US for processing, for airlines to
exchange passenger dietary preferences with US offices... <insert your
silly restriction here>.

American opinion on this matter is divided. For instance, John Perry Barlow
thinks it's damned European imperialist meddling, Esther Dyson thinks it's
a business opportunity for data havens, Simson Garfinkel thinks it will
compel the irresponsible US Govt. to face up to its responsibilities, come
into line and get some statutory regulation on the books.

Conflict over the directive will turn on the nicely philosophical issue of
whether there is such a thing as a 'data subject'. In the directive, you
are the 'subject' of the data held about you. This is pretty clever - it
nicely skirts the contradictions of copyright-based data protection (in
which you 'own' your data) but clashes with the typically individualistic
American perspective which would tend to deny the existence of the subject

One likely real effect: a rush by American firms to adopt one or other of
the voluntary privacy codes. They will be hoping that a rash of charter
marks, privacy policies, data pledges and Boy Scout badges will forestall a
Euro clampdown.

Some groups, including the The Brookings Institute in the US, have been
trying to agitate American business on this topic to little effect:

http://www.brook.edu/ES/POLICY/polbrf29.htm. Given that the directive was
published in 1995 and comes into force at the end of October, it's all a
bit late in the day...

[I was going to paste the directive's URL in here but it's twenty-five
lines long! If I can find a shorter one I'll send it out]

Steve Bowbrick Webmedia Group
0171 494 3177 0468 257 570

http://www.webmedia.com/steve steveatwebmedia [dot] com (mailto:steveatwebmedia [dot] com)

  Re: UKNM: EU privacy directive, Darren Wallace

  Re: UKNM: Credit card fraud, Tom Hukins

[Previous] [Next] - [Index] [Thread Index] - [Next in Thread] [Previous in Thread]