The last week or so has seen a series of privacy developments supporting the EU's position on the international scope of its draft General Data Protection Regulation. Through the Regulation, the EU are looking to introduce a level playing field for the first time and make all organisations who are based in the EU, process data here, or simply target EU citizens, abide by the same rules. This issue is of real interest to all EU organisations given the global strength of the US in the tech sphere, and the influence local regulation can have on international competition.
What have the US been saying?
For those of us not on the inside of global politics and lobbying efforts, this issue is a little difficult to pin down precisely, never mind establish who in the US is actually saying what.
That said, the consistent message from the press and EU politicians has been that the US are attempting to water down the proposals in the draft Regulation, and the FT put out another article to the same effect yesterday.
Such attempts have been attributed (unsurprisingly) to the Obama administration and lobbying organisations representing the forefront of the US technology industry, not least Facebook and Google.
The US are not getting its own way though. Indeed, as is to be expected, there are many in the States who are taking the opposite stance.
4th February saw a public letter published by 17 US privacy and consumer action groups calling on the US government to step back from challenging the EU over the draft Regulation. They gave their backing to to the "many important, innovative proposals contained in the package of reforms". In their words, the "promotion of stronger privacy standards in Europe will benefit consumers around globe, as businesses improve their privacy practices and security standards". They also called on the US government to progress its own fledgling proposals around privacy regulation.
Microsoft has also been playing the privacy card again. As has been widely reported, they are running a campaign directly targeted at Google's scanning of gmail content for the purpose of targeted advertising, under the banner "scroogled".
It is of course one thing for Microsoft to challenge a competitor on privacy issues, another thing entirely for them to support the EU's actions. Cynics might say that, with this ad and its Do Not Track stance, Microsoft is deliberately positioning itself in a privacy-positive light to claw back ground on the likes of Google, whose ever-burgeoning business could be railed in by the proposed, far more stringent EU Regulation.
Nevertheless, Microsoft's stance is tacit support for the view that privacy is now a vital international issue and of material concern to individuals; a point that lies at the heart of the EU's proposed reforms.
EU Telco Support
Support has not just been coming from the US. Yesterday the EU Vice President and Justice Commissioner responsible for the new Regulation, Viviane Reding, issued a joint press statement with the head of the European Telecommunications Network Operators Association (ETNO) - an association that includes most of Europe's major telecoms players including France Telecom (Orange), Telefonica (O2) and Deutsche Telecom (T mobile) - which expressly supported a level data protection playing field for everyone involved in the EU information and communication technology industry.
Of course, any such statement always has a hint of vested interest. The fact is that the EU telecoms sector has had its own, arguably gold-plated regime under a separate EU privacy Directive for some time. Amongst other things, this regime includes mandatory data breach notification; a requirement that does not apply to other sectors under the current EU Data Protection Directive. In calling for a level playing field for all, ETNO is actually targeting competitor organisations both within and outside the EU, in particular as telecoms companies look to move increasingly into high added-value content and services in order to stave off the perceived threat of being left as "dumb-pipe" organisations.
So where do these developments leave the draft Regulation?
In one sense, we are no further forward. There will always be a great divergence of opinion over major regulatory reform; especially one which is perceived to have such far-reaching, global consequences (and potential costs) as the draft General Data Protection Regulation. Such recent developments merely confirm this to be the case.
From a narrower UK perspective, such developments are arguably more significant though.
As we have reported, the UK government, Parliamentary and ICO opinions on the draft Regulation have ranged from being mildly critical, to arguing for its complete restructure. In particular, there has been real concern about the harm it may do to e-commerce and digital business, and this view is likely to align to some degree with prevailing US lobbying views.
Conversely, the EU Parliament have to date come out in support of the Regulation (and arguably sought to toughen it still further in some areas). One might take the view that they come from the same cadre of politicians as the EU Commission though, and be distinctly unmoved by their stance.
Against this backdrop, the real significance of such developments is in demonstrating that the Regulation has a broader, international level of support which includes organisations representing major, multi-£bn turnover businesses. It cannot be so easily pigeon-holed as a regime for Eurocrat politicians locked away in some artificial world in Brussels and Strasbourg.
Would you bet against the EU standing firm on most of its proposals?