This article is also available in:
Deutsch: Privacy Platform Meeting

On 1 December 2010, the Privacy Platform held a meeting on the Commission's recent Communication on updating the Data Protection Directive. Hosted by Sophie in't Veld MEP, the panel consisted of: Martin Selmayr, Head of Commissioner Reding's cabinet (who spoke in her absence as the Commissioner was ill), Jacob Kohnstamm, Chairman of the Article 29 WP, and Peter Hustinx, the European Data Protection Supervisor.

The meeting was well attended and overall, it followed standard storyline. In regard to the Communication and future steps for the revised Data Protection Directive, Mr. Kohnstamm urged that more ambition was needed, and listed five general principles that should be kept in mind. First that class action is a necessity, the patchwork of data protection rules should be a thing of the past (particularly in the post-Lisbon EU), the duty of controllers should be strengthened, privacy by design should be addressed more thoroughly and that there should be better enforcement powers for data protection authorities (DPA).

Peter Hustinx, echoing many statements in support of the Article 29 WP Chairman, emphasized the need to take a bold approach, particularly in terms of enforcement, accountability, harmonisation and including privacy by design into the beginning of the development process rather than tackling it at the end. This approach is outlined in more detail in his recently published policy paper which outlines a more robust approach to data protection.

The issue of real consent was discussed throughout the meeting, where Marc Rotenberg from the Electronic Privacy Information Center (EPIC), commented that "consent" is often anti-privacy, as its terms are dictated by the firm in question. Mr. Hustinx agreed, saying that transparency does not equal consent. Sophie in't Veld made the point that consent implies choice, but in reality, "choice" does not really exist.

In regard to public authorities taking more responsibility and accountability, Ms. In't Veld pointed to the irony that they are usually the greatest violators of privacy, illustrating another dilemma with regards to attaining adequate data protection in the information society.

There was discussion of sanctions and better enforcement measures for the Data Protection Directive and for DPAs. Mr. Kohnstamm agreed that more sanctions are needed, but that the measures also need to expand power and scope in order to logistically take on the added load (adding that currently there are only 80 employees in his DPA).

The public consultation on the Communication is open until 15 January 2011. The Commission plans to release the final review of the Data Protection Directive sometime "around" the summer of 2011.

Videoclips from the Privacy Platform meeting: Sophie In't Veld
http://www.youtube.com/watch?v=zoRTAK4-rD4

Peter Hustinx, EDPS
http://www.youtube.com/watch?v=pjeUl0LJhMc

Commission Communication on "a comprehensive strategy on data protection in the European Union"
http://www.statewatch.org/news/2010/oct/eu-com-draft-communication-dat...

EDPS Policy Paper on Monitoring and Ensuring Compliance with Regulation (EC) 45/2001 (13.12.2010)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/...

(contribution by Raegan MacDonald - EDRi)