European Union leaders have given themselves room for maneuver in implementing new data protection laws, while pledging to introduce them in a timely fashion.
All 28 leaders of the E.U. member states discussed issues of data protection, mass surveillance and the digital economy at a meeting that continued late into the night on Thursday.
They agreed that there is a strong need for an improved, robust digital economy in Europe and that artificial barriers between member states must be removed to create the so-called “digital single market.”
However, the meeting was dragged out with discussion on the subject of alleged illegal snooping by the U.S. National Security Agency, among others. Allegations that the NSA hacked German Chancellor Angela Merkel’s mobile phone gave impetus to this debate.
Also on the agenda was the overhaul of Europe’s data protection laws, although these would not have had any impact on any alleged spying. The new data protection regulation got the thumbs-up in a key committee vote in the European Parliament on Monday and negotiations with the E.U. member states were expected to begin soon.
Early leaked drafts of the council conclusions indicated that the leaders would agree on the new data protection laws in early 2014; this was then amended to “by 2015,” giving the leaders some extra months to finalize the text.
Part of the council conclusions reads: “It is important to foster the trust of citizens and businesses in the digital economy. The timely adoption of a strong E.U. General Data Protection framework and the Cyber-security Directive is essential for the completion of the Digital Single Market by 2015.”
Despite media reports that this was a significant alteration in timeframe, members of the European Parliament and the European Commission who must also approve the regulation said that this was not a significant change.
The Commission’s Digital Agenda spokesman Ryan Heath said on Friday: “This gives a good push for 2014. We want to see the European Parliament vote before the Parliament elections in May and then to wrap up between the Commission, the Council and the Parliament in rest of 2014.”
“We stressed that we have to speed up the work, but it is a complex task. It’s not only related to the already difficult issues of protecting privacy, but it is also an impact on business,” said E.U. President Herman Van Rompuy.
British Prime Minister David Cameron argued for removing a date altogether, according to sources familiar with the proceedings. The U.K. is concerned that the regulation will have a negative effect on businesses. He did not comment on the council meeting outcome, leaving on Friday without speaking to the press.
The text of the regulation that was approved by the parliamentary committee this week includes a “right to erasure” clause that would limit Internet companies’ access to users’ private data, with fines for those who break the rules.
The conclusions were welcomed by politicians and businesses alike. Jan Philipp Albrecht, the member of the European Parliament charged with seeing the regulation through, said he was happy that the importance of the regulation had been stressed. “Now it is up to the ministers to do their homework and get this negotiated soon,” he said.
Meanwhile Liam Benham, IBM Europe vice president, said in an email on Friday: “We welcome the decision by EU leaders to prioritise quality over speed in their discussion on the data protection regulation.” But he added: “The current proposal contains major defects that not only would undermine Europe’s competitiveness, but would also fail to deliver the sort of online privacy we all want to see.”