'What's he on about?' we wondered when EDS Chief Security and Privacy exec Paul Clark lashed out over European privacy legislation in a release on Wednesday. "EDS welcomes the recognition that privacy is a business as well as a legislative issue," he'd apparently told a meeting of privacy officers in Stuttgart last week: "However, political bodies should not use the business community as its 'foot soldiers' to impose their views on privacy standards on the rest of the world. Any involvement in commercial contracts potentially could increase the bureaucracy and complexity of compliance."
Oooer. How to win friends and influence people in Brussels, not. But what's the point in flinging yourself in front of the train now, given that EU privacy legislation is essentially done and dusted already? Well, as we noted earlier, the operation, implementation and scope of EU privacy law is very much a work in progress still.
Clark is particularly concerned about "the standard contractual privacy clauses, which apply to personal data transferred from European Union-member countries for processing elsewhere." EDS' own Global Privacy and Data Protection Code of Practice is enough, he argues, " to ensure successful compliance with privacy standards around the world," so "political interference in commercial contracts is unwarranted."
This still seems something of a forlorn hope, given that Europe takes the view that privacy should be legislated for, and that the self-regulatory regimes favoured by the US are inadequate. Clark may also however be worried about Europe moving even further in what he and EDS see as the wrong direction.
Aside from the work of the Data Protection Working Party of the European Commission, further twitching on the privacy front can be found here. On Tuesday the Commission announced that it was seeking the views of businesses and citizens on privacy legislation. The feedback from this will go into a Commission report, due out at the end of this year, into the application of the 1995 Data Protection Directive, and will also be used for the Commission's Data Protection Conference on 30th September and 1st October.
The consultation is online, and can be accessed here. Both flavours of the questionnaire (which should be completed by 15th September) float the notion of "an EU Privacy Seal for European Websites," which is one of the suggestions of the Data Protection Working Party. The Commission is also soliciting papers from trade bodies and member governments. ®