Interview with the European Union Privacy Chief

Interesting interview with Viviane Reding, the vice president of the EU Justice Commission and head of privacy regulation:

The basic values in Europe are that we have the right to our own private, personal data. It's mine. And if one agrees to give that data,then it is available. That is known as opt-in consent and we've had that as law since 1995.

[...]

Protection of individuals is not the question of voluntary action. For us, it is written in our charter of fundamental rights that everyone has the right to the protection of their data.

Differences in privacy law between the US and the EU are going to be a big issue in 2011.

Posted on December 23, 2010 at 5:59 AM • 22 Comments

Comments

KeithDecember 23, 2010 6:48 AM

Reding is actually Vice President of the European Commission (the executive of the EU) and Commissioner for Justice (equivalent of Justice Secretary in the US).

Jan WillemDecember 23, 2010 8:16 AM

I agree with her said values. However, daily practice is different. See the hand over of a lot of personal data by many countries and airliners in Europe to the authorities in the US, where all that data is available to a lot of authorities for a long, long period.

ChristianDecember 23, 2010 8:18 AM

As in 2011 we will see the new Cyberwar is the old Cyberwar:
Its government vs civil-rights activist
or analogous people in power vs digital age.

In that way we will definately see more leak sides appear (Openleaks...) that will try to fight government secrecy.

The target is peace for the world in the future. (i.e. read Kant on that topic http://en.wikipedia.org/wiki/Perpetual_peace imho he is right).

And I am sure we will witness a lot of doublespeak and laws from Governments against openness and transparency.

Dirk PraetDecember 23, 2010 8:23 AM

From the interview: "Why put all these into law instead of voluntary commitments by companies?"

Because that's not the way companies operate. Companies are driven by profit only. Full stop. Without legislation and regulation, anything that stands in the way of profit is irrelevant. And to keep up appearances, they will donate to charity from time to time.

Snarki, child of LokiDecember 23, 2010 8:37 AM

Companies treat your personal data as property: an asset that they can use, sell, rent, etc.

Their response to privacy advocates: How dare you try and take away their property! (Not what they'll say explicitly, but that's the motivation)

SO, treat this is a property rights issue, and see if that's a good model. The problem for consumers is that their personal data has been "mined" without their consent. The EU laws get the consent part right, but I think one can do better.

So perhaps personal data should be somewhat like mineral rights for real estate...you can sign them away (for a price), you can rent them out (for a price) you can refuse to negotiate and keep your data. And you have a financial stake in the data, which allows the use of civil legal steps in the case of disputes or misdeeds.

Joss GilletDecember 23, 2010 8:56 AM

Interesting indeed, it's been a hot topic for a while, not necessarily a 2011 milestone. I've interviewed a French Senator on this topic here:

http://blog.cannycloud.com/interview-yves-detraigne-senator-france-on-data-privacy/

and also touched on the difference between the US and Europe here:

http://blog.cannycloud.com/how-can-politicians-help-to-protect-your-data-privacy/

and here:

http://blog.cannycloud.com/how-does-the-usa-protect-data-privacy/

In the words of Alex Türk:
"I remember showing my bare ass at a Christmas party, in 1969. I haven’t done it again since. And I wouldn’t like that to follow me around".

xopDecember 23, 2010 9:04 AM

@Joss Gillet:
In the words of Alex Türk:
"I remember showing my bare ass at a Christmas party, in 1969. I haven’t done it again since. And I wouldn’t like that to follow me around".

---

hmmm...wonder if quoting Mr Türk's statement may eventually counteract his wish and make the story of him baring his ass to an internet meme.

D#DDecember 23, 2010 9:16 AM

installing spyware on your harddrive is not legal without your fully informed consent, as that hard drive is private property. the datamines are committing criminal stalking and espionage and have made a business of fencing the stolen goods. They deserve to be sent to prison for a period of time that will reform their views and practices on privacy invasion. The law should also require informed consent whenever this data is sold. and payment for this consideration. Remember, you cannot legally root out information about any corporation and use it to make money, as that would be illegal insider trading. but they can stalk you, spy on you and trade in the information all day and they can even pretend that you were informed but you weren't. This is all reason to corrupt all publically held records with tall tales and bs. whenever possible, as well as mispellings of your name.

David ThornleyDecember 23, 2010 9:45 AM

@Dirk: In addition, companies cannot necessarily make binding commitments without legal support. As an extreme, consider a company that holds personal data going into bankruptcy. At least in the US, Chapter 7 bankruptcy involves appointing a conservator whose job is to liquidate the corporate assets for as much money as possible.

The personal information is worth something on the open market, and without some sort of legal reason not to it is the duty of the conservator to sell it for as much as possible.

AlDecember 23, 2010 12:23 PM

Here in the UK the major retail outlets have "loyalty cards" to get round the data protection act. Legally this is opt-in, but the consumer is never told the true purpose of these cards so is this really opt-in?

FranceDecember 23, 2010 10:49 PM

@Snarki,

In my part of the world (Ontario, Canada), mineral rights are sometimes held separately from other property rights, usually by government but I don't know the extent of this. I think quite a few people don't know this about their property.

Clive RobinsonDecember 24, 2010 12:52 AM

@

"Because that's not the way companies operate. Companies are driven by profit only. Full stop Without legislation and regulation, anything that stands in the way of profit is irrelevant. And to keep up appearances, they will donate to charity from time to time."

You also forgot to mention "short term".

Most companies that are not owner controled have Directors with a very short term outlook (they know the average Exec life at there level is 18months before the shareholders dump them).

Thus they economise on infrastructure maintenance amongst other things.

The result the "short term profit" is the reverse of an investment in the long term future of the company. We have seen this with a number of Utility comapnies that don't invest in infrastructure or worse invest badly (Using natural gas to generate electricity for instance). Making the infrastructure more "brittle" with time, and much more prone to cascade failure.

Due to "de-regulation" we the consumer have no say in this behaviour which is critical to our way of life long term.

For instance where high voltage underground power distrubution cables have failed many many businesses either go bankrupt or move perminantly from the area taking jobs with them.

Davi OttenheimerDecember 24, 2010 2:21 AM

I went to a conference a few years back where privacy was the main topic. I remember Germany and Argentina were said to have the strictest laws (obviously related to historic events), but Chile and Switzerland had privacy breach cases and differences that were also very interesting.

It was soon after the 2001 PATRIOT (Providing Appropriate Tools Required to Intercept and Obstruct Terrorism) Act signed by President Bush; many of the people I spoke with said that was the most significant turning point in privacy relations between the US and Europe.

So I can see how the years after 2001 brought big changes due to differences but what's up with 2011? Do you mean it will continue the trend?

RulmanDecember 24, 2010 1:13 PM

And I am sure we will witness a lot of doublespeak and laws from Governments against openness and transparency.
So I can see how the years after 2001 brought big changes due to differences but what's up with 2011? Do you mean it will continue the trend

xlDecember 24, 2010 8:03 PM

One of the largest collectors of data from people is the "do no evil" company Google.

In a recent article CNN talks about a guy (Brian Kennish) who worked for Google recently:

Brian Kennish left Google in November to focus more on programs that empower people to take control of their privacy online.

"I had this holy-cow moment when I realized what was going on," Kennish said. "There's just so much unknown about what's being done with this data."

"I think there is a good reason to be concerned with it all and, frankly, to be fearful of it," he said.

Last week, he released a second browser extension, another tool for Google Chrome, called Disconnect. Once installed, the program blocks major internet companies, including Google, from installing cookies on -- and thus tracking -- a computer.

People using Disconnect can decide which cookies they'd like to allow onto their system. Cookies can be helpful when, for example, you'd like a website to remember your login credentials and not ask for them every time you visit.

"I would like to see us move to a point where all the data that's collected about folks is intentional," rather than without people's knowledge, Kennish said. "So if I give you permission to collect my data, then go ahead and do it."
(see URL for source)

Aaron BinnsDecember 29, 2010 5:33 PM

The privacy laws are also a big concern to European libraries that archive web content. For example in Denmark, their legal deposit laws oblige their royal library to archive "the Danish web" but their privacy laws prevent access to it. So, they've been web archiving since the late 1990s but none of it is accessible...yet.

zorroJanuary 3, 2011 8:56 AM

@Martin Schröder
"The USA have privacy laws? Really? Not in the european sense."

---

yea but then again Americans would not provide some of their personal information to their government as gladly as the Europeans do. Consider for example the aspect of moving house. In Europe people obediently tell their Big Brother where they are moving to and "register out" of their kommun or gemeente. It would be hard to get Americans to agree to something like that.

Besides that I wonder what kind of miracles this will do to European Union privacy:

US and Germany developing secret spy satellites: cable
The project, named HiROS, envisions the construction of an undetermined number of high-resolution observation satellites capable of spotting any object on the planet down to a size of just 50 centimetres (about 1.5 feet), according to classified cables from US embassy in Berlin leaked to WikiLeaks and obtained by Norwegian daily Aftenposten.

The satellites will have the capacity to take infrared images at night and to send images much quicker back to earth than the satellites currently in service, the cables showed.

Due to the controversial nature of the programme, US and German officials have decided it should be presented as a civilian project with environmental aims, run by commercial entities.

But in reality it is "under the total control" of German intelligence service BND and the German aerospace centre DLR, the cables showed.

(see my URL for the source of the article)

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.