Paris, 7 May 2013 — For more than a year, the EU Parliament have been examining the Proposal for a Regulation of the EU Commission aimed at reforming the European data protection legal framework. Until now, the parliamentary committees examining the Proposal have so far proposed to restrict the protections of our fundamental right to privacy. As a crucial vote is approaching in the “Civil Liberties” (LIBE) Committee, La Quadrature du Net launches a series of analysis dealing with key points, stakes, development and threats of the reform.





Viviane Reding Viviane Reding

In the face of the development of dangerous practices to the detriment of our privacy, in January 2012, the EU Commission introduced a Proposal for a Regulation – meant to reform the 1995 Directive – intended to supervise collection, processing and trade of European citizens’ personal data. This Regulation, which should come into force in 2015, will be immediately enforceable in all EU Members States and will replace every current national law relating to this matter

Two kind of legislative acts can be adopted through this process: directives, setting principles and purposes each Member State must implement into its national law, and that may require to pass a new law; or regulations, which are immediately enforceable in all Member States simultaneously.

The choice of a Regulation seems to be the better one to regulate personal data flow on Internet which is cross-border by nature. Indeed, the current European law – the 1995 directive – suffers from disparate implementations and interpretations among Member States, which some companies are playing on. . As proposed by Viviane Reding, Commissioner for Justice, Fundamental Rights and Citizenship, it could constitute a real advance for the protection of our privacy.

If the Regulation was adopted as it stands, it would;

allow to significantly strengthen citizens’ rights, businesses’ obligations and powers of supervisory authorities, such as the CNIL in France;

define a wider scope for this legal framework, which would apply to any companies – regardless of its geographical location – monitoring the behavior of European citizens or offering them goods or services.

An unprecedented lobbying campaign

In response to the proposal of the EU Commission, powerful companies, mainly based in United States (banks, insurances and Internet services), have led an unprecedented lobbying campaign . Their goal is to make withdraw from the final version of the Regulation those proposals aimed at protecting citizens’ personal data. As the Internet website LobbyPlag has clearly showed, some key MEPs have directly cut and pasted those requests made by US lobbies in their amendments.

Four committees

The “Consumer” (IMCO), “Employment” (EMPL), “Industrie” (ITRE) and “Legal Affairs” (JURI) Committees have all proposed amendments to the “Civil Liberties” (LIBE) Committee, which is in charge of drafting the report the Parliament will vote on.

Visit La Quadrature’s wiki for a precise analysis of the most dangerous amendments proposed by those committees: IMCO; ITRE; JURI. of the EU Parliament have already given their opinion about modification to be made to the Proposal. Directly influenced by lobbies, they have all voted to weaken of the data protection legal framework and to limit companies’ obligations with regards to the personal data they collect.

However, those opinions have a mere consultative value, which means the situation can still be reversed. The amendments the EU Parliament will adopt during the plenary session at the end of the year shall be previously adopted by the MEPs sitting in “Civil Liberties” (LIBE) Committee during a voting session which should likely take place before the end of June [UPDATE: the vote was delayed to October 21, 2013].

Act now!

Before this vote, we have to make certain that LIBE MEPs will not break under lobby pressure, like their colleagues in committees for opinion. We need guarantees regarding the efficient implementation of the regulation and on the other good points proposed by the EU Commission, rather than shattering them. As from now and until the vote, EU citizens must contact their MEPs to lay claim to a real protection of their fundamental right to privacy. As the ACTA rejection demonstrated last summer, citizens’ calls for protecting the general interest rather than the private interest of the few can be heard by MEPs, as long as the citizen mobilization is significant, sustained and relayed enough.

In order to allow everyone to seize the stakes and key points of the debate, La Quadrature du Net is starting the release of a series of analysis focused on the major aspects of the Proposal. Each analysis will illustrate how the proposals made by the EU Commission would represent a real improvement of the current legal framework, why big companies are opposing to them and what positions MEPs set so far.

To get more information and discuss this, you can visit our forum.

The first analysis of the series is addressing the “explicit consent” issue and its importance for the control over our personal data.