As a result of lobbying by at least nine countries-including the
UK, Germany, Sweden and Belgium-the European Commission may have
to ease off on some of its more extreme amendments to the draft
EU data protection regulation.
In
January 2012, the Commission proposed an update to the EU
data protection laws, their first overhaul since implementation
in 1995. The changes would introduce a single set of rules on
data protection, valid across the EU-a move the Commission says
will save businesses some €2.3 billion a year in
administrative costs. Since the first draft was published,
several more amendments have been discussed, including more
stringent data privacy restrictions, such as outlawing all
nonessential profiling.
According to an article by
CatEx Direct Commerce Association president Nigel Swabey,
published in the March issue of Direct Commerce magazine, the
regulation has the potential to be very damaging to trade and
will reduce the profitability of all direct retailing by
restricting the ability of direct retailers to personalise their
marketing offers to the needs of the customer. Profiling could be
taken to mean any form of customer segmentation or analysis,
which would make it virtually impossible to target those who wish
to receive mailings or marketing messages with any degree of
accuracy. Swabey called on business owners to contact their
members of the European Parliament to oppose the
amendments.
The Direct Marketing Association, which represents the UK’s
multibillion-pound direct marketing industry, also fears that EU
lawmakers have failed to address the sector’s concerns on the
original proposals as they have yet to strike the appropriate
balance between protecting consumer rights to data privacy and
the legitimate interests of business.
The DMA’s executive director Chris Combemale echoed Swabey’s
rallying cry and urged business leaders to persuade UK MEPs to
take up their cause against the draft EU Data Protection
Regulation.
So far the message seems to be getting through. A recent memo
sent from the Irish presidency of the EU described how
“several member states have voiced their disagreement with
the level of prescriptiveness of a number of the proposed
obligations in the draft regulation”. Several states have
also said they need “more flexibility” regarding how
they apply data protection rules in their countries. It is
expected that Brussels will now debate the idea of taking a
“risk-based” approach, so that individual countries
or businesses would be subject to the interpretation of the law
as appropriate.
Speaking at the DMA’s Data Protection 2013 conference in
February, information commissioner Christopher Graham threw his
backing behind the call for industry involvement. “The
direct marketing industry has an important role to play in the
legislative process. It must focus on good practice and respect
consumers. It must also remember that this is the crucial turning
point in a long game; while there is a lot more work to do on the
regulation, the industry must engage further with legislators
now.”
The EU Data Protection regulation is due to be debated by members
of the European Parliament (MEPs) in June and finalised in the
next few months. It will come into force in 2014 and all data
controllers and processors will have to comply with its
provisions by 2016 at the latest.
Share