back to article Privacy Framework draft isn't 'future-proof', say MEPs

European Parliament doesn't want to be looking at yet another draft law regulating EU-US data flows, saying the proposed Privacy Framework is not "future-proof" enough. Basically, MEPs' advice – and they voted 306-27 on this – is that they don't want the European Commission, the executive arm of the EU, to grant the US the …

  1. Doctor Syntax Silver badge

    "The Data Protection Review Court is a mechanism put into place by the US to give European citizens the same right of redress they'd have at home."

    There's a very simple principle that would sort this out. Irrespective of where the data is wrongfully accessed the redress should be between the data subject whoever accepted the data initially and in the jurisdiction of the data subject as if it had happened within that jurisdiction. While a business can't reasonably be held responsible for the actions of some other jurisdiction they can be held responsible for exposing data to such actions. How they do that is their problem but if the incentives are there they'll do it.

    1. veti Silver badge

      You just described the default regime that would exist if there were no such bilateral agreement at all.

      The whole point of this discussion is to avoid exactly that outcome. Which European companies are really anxious to avoid.

  2. Anonymous Coward
    Anonymous Coward

    Misdirection.....Again!

    If the NSA (or GCHQ) want access to European (or British) data........................

    .......they just hack what they want!!!!

    This "legislation" debate is a figment of the lawmaking imagination............................

    I suppose it's too much to hope that lawmakers (who are "doing something") would remember ten years back and the Snowden revelations......

    Yup....................." WE ARE DOING SOMETHING"................just make sure you pay your tax bill............."WE ARE DOING SOMETHING",............

    Sigh!!!!!!.....................

  3. Anonymous Coward
    Anonymous Coward

    > they voted 306-27 on this

    It's so important that fewer than half of them even bothered to show up to vote.

    How much are they paid, again?

  4. captain veg Silver badge

    I don't understand why this is so hard

    My personal data belong to me.

    No commerce should be able to require me to part with it.

    No commerce should be able to require me to part with it in order to engage in commerce with it.

    No commerce should be able to sell whatever data that it managed to collect on me to any other party.

    Feel free to substitute "government agency" if that's your bag.

    -A.

    1. veti Silver badge

      Re: I don't understand why this is so hard

      Companies have been selling people's personal data since the invention of the phone book, and probably much earlier. You could even make a case for the invention of banking.

      But nowadays it's much larger scale, and much more complicated. What even is "personal data" any more? Most of what the law says is personal - isn't technically traded at all. But it can be reconstructed from what is traded, or freely published.

      And why should it belong to you, anyway? The shops you visit regularly probably have a much more accurate record of your purchases than you do. That's their data, they gathered it (and they can make an excellent case that you consented to that, when you told them who you were) - why should you have title over it?

    2. LybsterRoy Silver badge

      Re: I don't understand why this is so hard

      I agree with all but one of your requirements

      "No commerce should be able to require me to part with it in order to engage in commerce with it."

      If a company wants to require you hand over your data as the part of the price of doing business with them that's their prerogative. Your's is to walk away from the deal.

      1. Graham Cobb Silver badge

        Re: I don't understand why this is so hard

        No, you have that "right" anyway. I exercise it frequently. for example, I don't do business with Google.

        This is about additional rights granted by EU legislation. That is what the various national "data protection" laws around the world are about.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like