Exclusive A fine "balancing act" is needed to prevent a "clash" between British Home Secretary Theresa May's controversial plans to bring in a data communications-snooping law and the "rights" of the UK citizen, European Commission vice-president Viviane Reding warned when questioned by The Register.
The justice commissioner laid out her proposals in January this year to overhaul data protection law in the 27 member-states that make up the EU. She has long claimed to be a champion of the rights of the individual.
Speaking on Monday at the Digital Enlightenment Forum in Luxembourg, Reding reaffirmed that intention, although she added that she was trying to remain tuned to the needs of internet businesses which operate across borders but whose spiritual homeland – and data farms – are in the US.
When asked by your correspondent what the commissioner's views were on May's freshly tabled draft communications data bill, Reding offered up the following insight:
We do have a treaty which is called the Treaty of Lisbon and in this treaty – and maybe not everyone has understood this – there are no more pillars as there were before, where [for instance] you had a pillar for security and that was completely in the hands of the national states and where the rules of the protecting of the individual, which had to be adapted to this pillar, were a little flexible.
There's none of this anymore since December 2009. Now the rules are horizontal.
You always have to weigh the rights to obligations of the state: one is to preserve the rights of the individual and the other one is to preserve the rights of the society. This is a balancing act; you cannot make them clash.
Reding added that the proposed Data Protection Directive, which is currently winging its way through the European Parliament as well as being pored over by the Council of Ministers to allow EU member states to scrutinise the bill, had "flexibility" built into it for the sake of national security against terrorists and organised crime as long as the charter has been "preserved".
"But there is no way that in those policies the rights of individuals are eliminated," she warned.
But the commissioner had earlier noted, in a speech to a small audience of internet players and experts, a contradiction has come into play between satisfying the businesses that serve European citizens versus advocating for Europe's citizens themselves around their concerns about privacy and the growing level of personal data now residing online.
Reding described data as "the currency" of the internet and added that she will be meeting with her US counterparts to discuss issues of trust, which she said was "on the wane" in Europe – where 70 per cent of citizens on that continent are worried that their data might be misused.
Undoubtedly, the commissioner is struggling to negotiate between two distinct groups with typically different and occasionally symbiotic needs when it comes to making transactions on the internet.
She accepted that the notion of the so-called "right to be forgotten" online – a proposal advocated by the commissioner in her draft bill on overhauling the 1995 data protection law in Europe – will never lead to "total privacy".
What Reding and some of her supporters want is to create an "open market with legal certainty and the same rights for all."
But as Britain's Home Secretary has recently demonstrated, it's seemingly impossible to satisfy the needs of individuals who do not wish to have their privacy invaded – as many have already argued in opposition to the Communications Data Bill – when it comes to responding more urgently to terrorist threat warnings from national security services.
It will be interesting to see if May's proposals, if passed through the UK Parliament, end up becoming a model for other member states in Europe, as the rewrite of data protection law in Europe continues – and possibly ends up being watered down to satisfy the businessmen of Silicon Valley. ®