4 Comments

Summary:

Lawsuits against companies such as Google and Facebook for breaching privacy rules would become even more likely under new rules being considered by the European Commission, along with criminal sanctions and fines. European regulators have been far more active on privacy concerns than U.S. authorities.

Lawsuits against companies such as Google and Facebook for breaching privacy rules would become even more likely under new rules being considered by European regulators, including the threat of criminal sanctions and fines. According to a report by Bloomberg, which says it obtained a copy of the proposed regulatory changes, the European Commission is recommending that there be expanded criminal penalties for companies that breach their users’ privacy, and that users should have the right to remove their personal data, lists of friends, photos and other information from various services.

The recommendations were made in a paper presented by the European Union’s executive body, which is responsible for proposing legislation and enacting standards for the EU, and consists of a cabinet with 27 commissioners, one from every member state. The European community has been fairly hard-nosed on privacy as it applies to services like Facebook and Google’s Street View, which has been criticized for a number of reasons, and faced potential restrictions from European states even before the company admitted that its Street View cars were inadvertently capturing personal data.

Facebook — which is facing a potential government inquiry in the U.S. related to the transmission of personal details via some of the apps that run on the network — has also faced scrutiny from a number of EU states both EU and non-EU countries, including Switzerland and Germany. The European Commission has made it clear on a number of occasions that it wants to put the strength of criminal penalties behind its privacy rules: EU Justice Commission Vivian Reding has said the EU needs to “strengthen enforcement [and] incorporate the fundamental principles of data protection to cover all areas of EU competence, including police and judicial cooperation in criminal matters.”

Meanwhile, Google has avoided potential prosecution in Canada, where the country’s national privacy commissioner has been investigating the breach of personal privacy that occurred when the company’s Street View cars collected personal data from open wireless networks. On Tuesday, commissioner Jennifer Stoddart said that while the case involved a “serious violation of Canadians’ privacy rights,” Canada will not be pursuing criminal penalties against the company. The commission’s file on the incident will not be closed, however, until Google can show that it has taken steps to improve its internal data protection policies as outlined by the commission.

Are fines and other criminal proceedings really the best way to achieve protection for privacy online? The Canadian government’s decision suggests it sees negotiating with companies as a preferable strategy, rather than lawsuits or criminal penalties, while the EU seems determined to pursue the legal route (although the expanded penalties and sanctions are still just a recommendation from the European Commission). What kind of effect the EU’s “big stick” approach might actually have on privacy practices remains to be seen.

Related content from GigaOM Pro (sub req’d):

  1. There’s a factual error in this article: Switzerland is not an EU member state.

    Share
    1. Thanks for catching that! I will update the post.

      Share
      1. Dan Villiom Podlaski Christiansen Thursday, October 21, 2010

        Thanks! Something like this would seem basic to a European, but I can understand why it’s an easy mistake to make for an American. Especially considering the close relationship Switzerland has to the EU — another country frequently mistaken for a member state is Norway. Both are part of the European Free Trade Association, but again, not EU member states.

        Anyway, I’d like to commend you for a well-written article. I think it’s a well-balanced introduction to an approach to privacy that differs significantly from what seems common in the US. Personally, I find it fascinating how the US approach to data privacy — or lack thereof — causes people to equate privacy with anonymity…

        Share
  2. [...] Street Journal story. Even before that, online privacy bills had been proposed in the House, and European regulators are passing fresh proposals around the EC. I doubt the online media industry wants to rely on congressmen understanding the [...]

    Share

Comments have been disabled for this post