Major Loopholes Remain in European Parliament's Data Protection Regulation

Paris, 12 March 2014 — Today the European Parliament adopted Jan Philipp Albrecht's report on the General Data Protection Regulation at first reading. MEPs finally succeeded in resisting pressure by lobbyists, rejecting most of their harmful proposals. Although important improvements were adopted, the dangerous concepts of “legitimate interest” and “pseudonomyous data” remain and could make the final text ineffective in protecting citizens.

On 21 October 2013, the “Civil Liberties” (LIBE) committee adopted its report on the General Data Protection Regulation, before giving its rapporteur, Jan Philipp Albrecht (Greens/EFA – DE) the mandate to negotiate an agreement with the European Commission and Council of Ministers behind closed doors (trilogue). After these negotiations failed to reach a consensus, the European Parliament adopted the same text as LIBE.

Despite some of the heaviest lobbying ever seen in Brussels led by the banking, technology sectors and foreign governments, the mobilisation of civil society succeeded in convincing MEPs to preserve most of the positive changes introduced by the European Commission in 2012: explicit consent, effective sanctions (now up to 5% of a company's worldwide turnover), a clearly defined and wide territorial scope, stronger and well-balanced rights for citizens.

Unfortunately MEPs failed to address the most significant weakness in the Commission's initial 2012 proposal, namely the broad definition of “legitimate interest”. Anybody's “legitimate interest” can be used as a legal basis to bypass users' consent for the processing of their data. Moreover, the report introduces the misleading concept of “pseudonymous” data, favoured by the technology lobbyists.

Next 5-6 June, the Council is scheduled to publish its position on this Regulation.

“Today's vote closes the first chapter of a long process which will determine whether citizens will regain control over their privacy. Although civil society strongly fought back the lobbying of banks, tech giants and governments, MEPs failed to fix several significant and dangerous loopholes. Citizens must urge their national governments to close these loopholes, in order to preserve those improvements and refrain the introduction of new derogations in the text. As this Regulation will be finalised by the next Parliament, citizens should raise the issue with their candidates during the upcoming campaign.” concluded Miriam Artino, policy analyst at the association La Quadrature du Net.