Data Protection: Last Opinion Vote in JURI on 19 March
Paris, 11 March 2013 — Revision of the European Data Protection Regulation is ongoing and the “Legal Affairs” (JURI) Committee will vote on its opinion on 19 March. Unfortunately, there are strong indications that JURI will vote in the same way as the previous committees and weaken the protection of EU citizens' privacy against corporations that collect, process and trade their personal data. With only one week left before the vote, citizens must act urgently and contact their members of the European Parliament (MEP).
Following the votes in the “Consumers” (IMCO), “Industry” (ITRE) and “Employment” (EMPL) committees, members of the “Legal Affairs” (JURI) committee will vote on the 19 of March on their opinion on the revision of the Data Protection Regulation. This is the last opinion vote before the main, crucial vote1, on “Civil Liberties” (LIBE) report. The “Legal Affairs” (JURI) Committee, led by Marielle Gallo (France - EPP) – notorious for being one of ACTA's main proponents – is likely to vote in the same way that the three previous committees, weakening the protection of EU citizens' privacy contained in the European Commission's initial proposal. For example, some amendments tabled on the draft opinion suggest reducing the scope of the definition of “personal data”, using the outrageous fallacy of “pseudonymous data”2, and reducing sanctions against violations of the Regulation3.
Some of the most dangerous measures proposed by JURI members are directly copy-pasted from industry lobbyists demands, as the lobbyplag.eu website shows. They would jeopardise the positive advances made by the European Commission's initial proposal, such as the requirement of an explicit consent by the user and the reinforcement of the data protection authorities' powers.
- Defend the principle of explicit and informed consent for specific collection and processing of data, no more, no less;
- Protect all personal data and refuse the absurd concept of “pseudonymous” data to be used as a derogation to safeguards;
- Give data protection authorities the necessary power to protect our rights;
- Ensure that every breach of personal data is immediately notified to both relevant bodies and users, and severely sanctioned if caused by excessive negligence or done on purpose;
- Preventing the use of profiling for taking decisions with a deep impact on our everyday lives.
Each of these concerns is, in fact, mostly addressed in the European Commission's initial proposal. We must ensure that MEPs don't get fooled by the industry's lobbies into introducing more loopholes to the protection of our privacy.
“After the industry had its way in each of the three previous committees, this vote in the ‘Legal Affairs’ Committee is our last chance to get an opinion calling for a better protection of our fundamental right to privacy before the vote of the main committee. These votes are only ‘opinions’, but their impact is not to be underestimated and they may weight on the ‘Civil Liberties’ Committee's report. Before the 19 March, we must act, and urge members of the European Parliament to protect the general interest!” concluded Jérémie Zimmermann, spokesperson for citizen advocacy group La Quadrature du Net.
To get more information and discuss this, you can visit our forum.
- 1. The “Civil Liberties” (LIBE) Committee, led by Jan Philipp Albrecht (Germany - Greens/EFA), is the main committee working on the Data Protection Regulation. It will vote on its report on 24-25 April 2013, taking into account the opinions expressed by the IMCO, ITRE, EMPL and JURI committees. The final LIBE committee report will table the amendments the whole European Parliament will vote on during the first reading in plenary session, expected for the end of 2013.
- 2. Marielle Gallo (France - EPP), Sajjad Karim (UK - ECR) and Klaus-Heiner Lehne (Germany - EPP) have proposed three identical amendments which are the verbatim copies of a measure proposed by both the American Chamber of Commerce (see page 11) and EuroISPA, the 'world's largest association of Internet Services Providers' (see page 2). These amendments dictate that data which are not directly collected or processed together with the name of the data subject may be collected or processed without the data subject's consent, even if these data are tied to an unique identifier (for behavioural targeting, for instance) or may afterwards be easily associated with the data subject (see studies on the matter).
- 3. While the proposed Regulation currently dictates that fines may be imposed to anyone who breaks the Regulation, even for a single and negligent breach, Amendments 63 to 66 tabled by JURI's members propose that only repeated and deliberate breaches of the Regulation may lead to a fine.
- 4. For a more detailed view on the JURI's amendments to reject and to support, see: https://www.laquadrature.net/wiki/Data_protection:_JURI_shortlist