Lobbies on dataprotection

From La Quadrature du Net
Revision as of 15:51, 11 February 2013 by Meli melo (Talk | contribs)

Jump to: navigation, search

This page lists the different lobbies' s documents calling for an extensive definition of personal data, upon the adoption process of the European Commission's Proposal for a General Data Protection Regulation.



The indicated month is when the position has been sent to Members of the European Parliament.

Contents

Corporate associations

International Chamber of Commerce, January 2013

ICC

AmCham, January 2013

AmCham

Svenska resebyråföreningen, January 2012

Swedish

European Envelope Manufacturers Association, January 2013

FEPE

International confederation for printing and allied industries, January 2013

INTERGRAF urges to reject amendments 81 and 135, as it fears a law targeted at the digital world would impact the direct mail business, which also relies on collecting data and sending out mailings (albeit physical). Their claim is that no one is questioning the handling of personal data by postal direct mail operators.

European Small Business Alliance and Association for Competitive Technology, January 2013

1 2

First Data, December 2012

First Data

Eurofinas,December 2012

Eurofinas is the representing lobby for consumer credit providers in Europe. In this document, it's suggesting amendments to the ITRE draft opinion. Those amendments aim at reviewing the definition of personal data and date subjects in an extensive way, allowing the companies to process, use and disseminate personal data freely, without any obligation to inform its consumers.

Insurance Europe, December 2012

Insurance Europe is the representing lobby for Insurance Federations in Europe. In its comments and definitions on the ITRE draft proposal, it's pushing for a limitation of consumer's right to access their data, in the name of business and competition.

Leaseurope, December 2012

Leaseurope is the representing lobby for car rental companies. On the pretext of heavy administrative changes for its members and in the name of business, it's supporting the less protective amendments for citizens, denying them the right to control their data.

EuroISPA, December 2012

EuroISPA

Association of Consumer Credit Information Suppliers(ACCIS), December 2012

1 2

EuroCat, December 2012

EuroCat

European Association of Search and Database Publishing, November 2012

EASDP

Insurance Europe, November 2012

1 2

Digital Europe, November 2012

Digital Europe is the representing lobby for European digital technology industry. Among its members stand Apple, Microsoft, Nokia... (see last page of their document). Among the 64 amendments proposed by the organisation, modifications are made to water down obligations concerning data breaches notifications to the data subject.

European Banking Federation, November 2012

The European Banking Federation is the representing lobby for European banks. As most of the other lobbies, its proposed amendments aim at softening obligations concerning data breaches 24h notification, limitation of profiling and procedure of consent. All of these amendments go against citizens fundamental freedoms.

European Magazine Media Association and European Newspapers Publisher’s Association, November 2012

1 2

Coordination Committee for the Medical Imaging, Electromedical Equipment and eHealth Industry, November 2012

1 2 3

European Association of Craft, Small and Medium-sized Enterprises, November 2012

UEAPME

The German Federal Bar, November 2012

Bundesrechtsanwaltskammer

Bitkom, October 2012

Voting list (sent January 2013)
amendments
paper (in German)

AmCham EU, October 2012

AmCham EU 2

BusinessEurope, October 2012

BusinessEurope

French Banking Federation, October 2012

1 2

GSMA/ETNO, October 2012

ETNO

Confederation of Employers and Industries of Spain, October 2012

Spain

European Association of Search and Database Publishing, October 2012

EASDP

Zentralverband der deutschen Werbewirtschaft, October 2012

Germany's advertising industry umbrella ogranisation (ZAW) makes several points which aim at weakening of some provisions. Some of these are:

  • Pseudonymized and anonymized data should be excluded from the scope of the Regulation.
  • More flexibility when it comes to sharing data with third parties.
  • Pseudonymised and anonymised advertising targeting must be an exception.
  • Leave room for self-regulation.

Handelsverband Deutschland, October 2012

HDE

Insurance Europe, September 2012

1

EuroCommerce, September 2012

EuroCommerce

Luxembourg Business Federation, July 2012

FEDIL

The German Federal Bar, June 2012

The Bundesrechtsanwaltskammer welcomes the new legislation but wants to make sure that it doesn't interfere in their work. Lawyers collect clients' data as a part of their everyday work. The secrecy obligation must be given precedence over any data protection regulations. The state must not have access or regulate the lawyer-client communication. The German Federal Bar proposes a few amendment changes which explicitly add lawyer-client scenarios to the exceptions where consent does not have to be confirmed, since the subject is very well aware of the data collection in such situations. It advocates that sectoral supervisory bodies should be allowed alongside or instead of territorial data protection control bodies. Lastly the Bunderechtsanwaltskammer want to add a sentence to Article 51: „The supervisory authority shall not be competent to supervise processing operations of courts acting in their judicial capacity” should according to the document be supplemented by „The same shall apply to the activities of lawyers”.

Digital Europe, March 2012

Digital Europe is the lobbying association of European technology producers. In their position paper (Note: see also their proposed amendments further above.) they claim to welcome strong water protection but advocate less paperwork and hence less regulation. Some of their main points include that privacy by design creates unnecessary bureaucratic costs, that the 24 hour data breach notification is similarly too costly to achieve and that administrative sanction create uncertainty and thus harm the industry. Further Digital Europe thinks that the proposed definition of personal data is too broad and that explicit consent is in many cases non-essential and even a big obstacle. The Commission and the DPA should not be granted any extra powers.



Companies

EU companies

Telefonica, December 2012

1 2 3

British Telecom, December 2012

British Telecom

Nokia, November 2012

1 2 3 4

US Companies

Microsoft, ??? 20??

Microsoft

eBay, January 2013

eBay

eBay, December 2012

eBay

eBay, November 2012

eBay

Amazon, November 2012

Amazon

Opower, October 2012

1 2 3

Facebook, March 2012

Facebook sent its recommendations for the IMCO draft opinion:

  • Introduction: “The new legislative framework should focus on encouraging best practice by companies like Facebook rather than on setting out detailed technical rules that will not stand the test of time and may be frustrating and costly for both service providers and users.” (page 1)
  • Facebook is opposing European cooperation of DPCs when it comes to enforcement of the law. They rather have only the Irish DPC to govern them. (page 3)
  • Data processors should be able to make limited decisions and not be seen as controller. (page 4)
  • Facebook opposes “privacy by default” settings. (page 4)
  • Facebook welcomes that users from the age of 13 can consent to data processing and wants to get rid of the definition of a ‘child’ being younger than 18. (page 5)
  • Facebook opposes the sections of the “right to be forgotten” that say that a provider has to inform other providers to delete information. Facebook also opposes that users can insist that information that others posted about them should be removed. (page 6)
  • Facebook opposed proposed legislation on a strict requirement for consent. (page 7)

“The highly prescriptive nature of the requirements for consent contained in Articles 4(8), 5(2) and recital 125 could potentially require more intrusive mechanisms to ask for consent for specific alternatives. This carries the risk of inundating users with thick boxes and warnings”.

  • Facebook opposed proposed legislation for “data breach notifications”. (page 8)

“...even the most minor breaches must be reported to the DPA. Facebook is concerned that this will not allow for effective prioritization of the most serious breaches.”

  • Facebook is pushing for easier data transfer out of the EU/EEA (page 9)
  • Facebook is strictly opposing heavy fines when data protection laws are breached and favors cooperative approach by the authorities.

“Facebook is concerned that the magnitude of potential fines will create I disincentive for innovation and associated job creation among internet service companies. This could be a major blow for the European Union given that the Internet sector is widely recognized as the major driver of job creation and growth in an otherwise moribund economic environment.” (page 10)
Facebook even argues that heavy fines will lead to less data protection and more cost for the state.

  • Facebook is opposing that the European Commission has granted itself too many possibilities for delegated acts.


Summary by Europe v. Facebook


Source: https://dataskydd.net/lobbydokument-i-parlamentet-om-dataskydd/ (Swedish)

Personal tools