Internet survey
“Any company operating in the EU market or any online product that is targeted at EU consumers must comply with EU rules,” Viviane Reding, the European commissioner in charge of justice issues, said in a speech this week. - File Photo

BRUSSELS: When it comes to privacy, the Internet has long been something of a Wild West but that that is starting to change, with regulators in Europe and the United States beginning to pull in the reins.

On both sides of the Atlantic, officials are scrutinizing how companies such as Facebook and Google handle users' personal data, as they draw up plans to protect surfers while ensuring the growth of rapidly expanding social media, search engine and other Web-based businesses.

In the first sign of where Europe may be headed with its privacy regulations, the European Union announced this week that social networking sites and search engines could face court action if they fail to obey new EU data privacy rules.

Under proposals to be fleshed out in the coming months and that will update 16-year-old data-protection laws, the European Commission wants to force companies holding data to allow users to withdraw it from websites, calling it the “right to be forgotten”.

Companies would also have to provide more information on what data they have collected from people and why.

“Any company operating in the EU market or any online product that is targeted at EU consumers must comply with EU rules,” Viviane Reding, the European commissioner in charge of justice issues, said in a speech this week.

“To enforce EU law, national privacy watchdogs will be endowed with powers to investigate and engage in legal proceedings against non-EU data controllers,” she added.

Reding said that EU-based privacy watchdogs should even be given powers to enforce compliance outside Europe, which could include access to US-based servers and other data sources.

While privacy campaigners and Internet users may be pleased to hear what Reding has to say, her words will cause concern in parts of the United States, where many of the biggest and most successful search engines and social media companies are based.

Europe and the United States have traditionally differed on privacy issues, with the EU taking a stronger regulatory approach and US officials more mindful of the need to balance entrepreneurship and business demands with data protection.

But in recent weeks, as US privacy experts have visited Brussels to try to close the gaps between the two regulatory frameworks, officials have emphasised how closely they are working together to come up with a common set of standards.

“I think our baseline understanding of the rules is very similar,” said Fiona Alexander of the US Department of Commerce, who was in Brussels this month to meet EU regulators.

“The implementation in the past may have been different.”

LEVEL PLAYING FIELD

The EU and US already agree on some general concepts, such as the idea that privacy safeguards need to be designed into Web products from the start. They also both want to require Web browsers to offer a “do not track” option to users.

But differences remain on specifics and philosophy.

EU officials are adamant that companies should obtain explicit permission from users before every use of their data -- such as through a pop-up consent box -- while that is not something US regulators are pushing for, EU officials say.

The right to be forgotten is also a concept that goes against the grain for US regulators, who favour a broader definition of freedom of information.

In a sign of where Europe is going and how complex applying the law could become, Spanish data protection authorities ordered Google in January to remove links to more than 80 news articles mentioning people by name, saying it violated privacy.

The case has been referred to Europe's highest court.

Some companies, such as Microsoft, support the effort by the European Union and the United States to align their policies, saying it will result in clearer, more uniform rules.

“Companies need solid, clear rules to be able to continue to invest and to be competitive,” said John Vassallo, Microsoft's vice president of EU affairs. “Now, there are too many competing rules.”

But even within individual EU countries, privacy rules vary so much that lawyers say it would be almost impossible for a multinational company to be compliant in all 27 EU countries.

That suggests that Reding and her EU regulatory team will have their work cut out if they are to draw up a clear and workable policy in the months ahead, and one that fits well with the rules US regulators are also drawing up.

Opinion

Editorial

China security ties
Updated 14 Nov, 2024

China security ties

If China's security concerns aren't addressed satisfactorily, it may affect bilateral ties. CT cooperation should be pursued instead of having foreign forces here.
Steep price
14 Nov, 2024

Steep price

THE Hindu Kush-Himalayan region is in big trouble. A new study unveiled at the ongoing COP29 reveals that if high...
A high-cost plan
14 Nov, 2024

A high-cost plan

THE government has approved an expensive plan for FBR in the hope of tackling its deep-seated inefficiencies. The...
United stance
Updated 13 Nov, 2024

United stance

It would've been better if the OIC-Arab League summit had announced practical measures to punish Israel.
Unscheduled visit
13 Nov, 2024

Unscheduled visit

Unusual IMF visit shows the lender will closely watch implementation of programme goals to prevent it from derailing.
Bara’s businesswomen
13 Nov, 2024

Bara’s businesswomen

Bara’s brave women have proven that with the right support, societal barriers can be overcome.