The latest proposals from the Council seek to further undermine protection from profiling. The draft text from the Council not only re-inserts profiling into the (absurdly long) list of measures in the Regulation that Member States can choose not to impose, it also increases the range of justifications for doing so.
On January 5, 2015, the State Administration for Industry and Commerce of the People’s Republic of China published its Measures for the Punishment of Conduct Infringing the Rights and Interests of Consumers (the “Measures”). The Measures contain a number of provisions defining circumstances or actions under which enterprise operators may be deemed to have infringed the rights or interests of consumers.
According to Article 11, “consumer personal information” refers to “information collected by an enterprise operator during the sale of products or provision of services, that can, singly or in combination with other information, identify a consumer.” Article 11 also provides a list of specific examples of “consumer personal information,” including a consumer’s “name, gender, occupation, birth date, identification card number, residential address, contact information, income and financial status, health status, and consumer status.”
While this definition applies only in relation to consumer personal information, it is an instructive milestone in the continuing emergence of China’s sector-by-sector patchwork of rules and regulations governing the collection and use of personal information.
New rules that aim to protect the openness of the Internet will allow telecom and cable groups to prioritize and earn potentially vast income from some types of data, setting up likely clashes with regulators in the future.
Telecom companies such as AT&T and Vodafone have convinced U.S. and European regulators, finalizing so-called "net neutrality" rules, to allow them to dedicate network capacity to services such as providing connectivity to driverless cars and facilitating the exchange of medical data between patients and health professionals.
National governments are unraveling a EU data protection bill for the benefit of big business, according to leaked documents published by pro-privacy campaigners.
Raegan MacDonald, European policy manager at Access, accused the member states of “carving out so many loopholes there’ll soon be nothing left.”
As negotiations on the Telecoms Single Market (TSM) come close to an end, the Parliament may break its promise to deliver net neutrality. Crucial to the net neutrality developments will be the next Council meeting of Telecommunications ministers on June 12th.
For the past two months the EU Commission, the EU Parliament, and the Council of the EU have gathered almost every week to try to strike a deal on the Telecoms Single Market regulation. What began as an omnibus draft regulation has been whittled down to two proposals: one to end data roaming in the EU — which would make make mobile connectivity much cheaper across the continent — and one to enshrine net neutrality, the principle according to which all data should be treated equally, not discriminating among users, websites, or services.
Last week, the Civil Liberties Committee of the European Parliament and the EU member states agreed on a final version of the long-awaited General Data Protection Regulation (GDPR), which is aimed at updating EU data protection rules for the digital age. This regulation will replace the 1995 Data Protection Directive and harmonise data protection — its terms and conditions — across EU member states.
The new rules will ensure individuals are in control of their own data, providing for a long list of users’ rights and a clear set of obligations for companies. At first glance, “obligations” might seem like a headache for businesses that have difficulty meeting their responsibility to respect human rights. However, having harmonised rules across the EU will provide legal certainty and lower the administrative burden.