|
|
     |
|
|
|
by Kirk St. Amant
Can the European Union control the Internet?
The Internet allows the world to share information at, literally, the speed of light. However, there is some international tension concerning open online access to an individual's "personal" information. As a result of these concerns, the nations of the European Union (EU) have adopted a series of privacy laws, collectively known as the EU Data Privacy Directive, that would greatly restrict online access to personal information on EU citizens.
According to the Directive, certain “personal” information (e.g., an individual’s race, creed, sexual orientation, or medical records) can not leave the EU unless it is going to a nation with laws offering levels of privacy deemed “adequate” by the EU. (Critics such as the Brookings Institution’s Peter P.
Swire and Robert E. Litan have voiced concerns concerning the ambiguousness of the word “adequate.”) Unfortunately, many nations, including the United States, do not have national privacy laws that meet EU standards. As American privacy law is not nearly as comprehensive as EU privacy law, American organizations, both public and private, will not be allowed unchecked access to certain information concerning EU citizens. Rather, personal information on EU citizens can only be transmitted to America if the individual gives “unambiguous consent” to the transfer of this data.
These regulations, therefore, will limit the extent to which Americans can perform research or even engage in every-day business practices, for they could now be denied access to certain data they might need. This restricted access to information results in knowledge limitations that could impact the effectiveness with which Americans can participate in the new climate of international online discourse.
While the EU had discussed the possibility of creating an “alternative solution” for American companies (the current solution is referred to as “Safe Harbor”), it also maintains that the United States would have to rework its own data privacy laws to parallel those of the EU if American organizations wished to maintain access to personal data on EU citizens. Moreover, all 15 member nations of the EU have publicly admitted that they find the current Safe Harbor alternative “unacceptable” because it does not sufficiently protect an individualís privacy.
Specifically, EU officials expressed concern over Safe Harbor's approach to how much access individuals had to their own files and the degree to which individuals could stop the sale of their personal information.
In an attempt to address these concerns, the EU has been working with the U.S. to revise the Safe Harbor alternative. The U.S., however, has begun to express displeasure with this revision process and has claimed that, the EU rules are burdensome and costly for U.S. companies and are likely to give consumers a false sense of security because they are impossible to enforce.
For over a decade, the Internet has allowed users to readily access large quantities of information from all over the world. New developments in EU law, however, will inevitably change the way in which we use the online environment. By restricting access to personal information on EU citizens, the Data Privacy Directive has suddenly made us all aware of how changes in one part of that international environment can have an effect on the rest of the world.
