Data privacy in the European Union is a hot topic at the moment.  In addition to the recent ruling regarding the “Safe Harbor Ruling” affecting data transferred between the EU and the US, a study was recently published criticizing several aspects of the EU’s development of its Digital Single Market (“DSM”) strategy.

As defined by the European Commission, a DSM is “one in which the free movement of goods, persons, services and capital is ensured and where individuals and businesses can seamlessly access and exercise online activities under conditions of fair competition, and a high level of consumer and personal data protection, irrespective of their nationality or place of residence.”  Industry sectors affected by the EU’s DSM strategy include healthcare, mobile communications, and marketing and retail (whether online or off).

The new DSM study found that the current strategy does not put enough emphasis on the legal and social challenges involving privacy and personal data protection.  It argues that the promotion of a data driven economy should not underestimate the challenges raised for privacy and personal data protection and that strengthening the rights of digital citizens should be the main focus of the current debates around the General Data Protection Regulation,  as discussed further by Kate Brimsted in this article.

The Study urges those engaged on reforming EU data protection to focus on strengthening the rights of “digital citizens” and addressing potential gaps in protection involving Big Data, smart devices and the Internet of Things, such as:

  • Transparency and information obligations imposed on data controllers
  • Consent (including consent in case of repurposing the use of personal data)
  • Balancing public interest against individuals’ interests for legitimizing personal data processing
  • Regulating the profiling of individuals
  • Safeguarding digital rights in case of data transfers to third parties and third countries.