The European Commission has set up an advisory panel including executives from Google and Intel to help it revise European Union laws on data protection.
“The aim of the group is to identify issues and challenges raised by new technologies. We are not reviewing the main data protection laws at present, but this could be a first step,” said European Commission spokesman Michele Cercone.
He added that the executives were chosen in a private capacity, rather than as representatives of their companies.
Peter Fleischer, Google global privacy counsel, along with David Hoffman, Intel’s group counsel for eBusiness and privacy will sit alongside data protection lawyers and regulators on the panel, which held its inaugural meeting Thursday.
“I am delighted to have been asked,” Fleischer told journalists.
Many aspects of the existing E.U. legislation have been made obsolete by advances in technology, Fleischer said, referring to the E.U.’s cornerstone law, the 1995 data protection directive.
He will urge the Commission to adopt a system where companies only have to deal with one national data protection authority, instead of having to meet the demands of all 27, as they do at present.
“There is a need for harmonization of data protection enforcement in Europe,” he said, adding that a system of mutual recognition among national authorities will go a long way in achieving that aim.
He also will try to persuade the Commission to move away from a location-based approach. “It worked when data was stored on paper, but with the Internet that concept is obsolete because data travels around the world and is commonly stored in many different locations at once. There is a strong need for data protection laws to take the new technology into consideration,” Fleischer said.
He pointed to Canada’s approach, which is not location-based, but calls on data controllers, such as companies, to be responsible for data safety.
Finally, he wants data protection laws to apply to public institutions as well as to private companies, pointing out that some of the most serious threats’ to potential threats to people’s data and their privacy are posed by governments, not corporations. The 1995 law only applies to the private sector.
Privacy campaign groups are critical of Google’s own approach to privacy. However, none were available to comment.