Home | Databases | WorldLII | Search | Feedback Privacy Laws and Business International Report

Editorial [1999] PLBIRp 12; (1999) 48 Privacy Laws and Business International Report 1

Editorial

Negotiations between the EU and the USA have now led to revised Safe Harbor Privacy Principles (p.13) , published on April 19th and available with supporting documents at www.ita.doc.gov/ecom/shprin.html. The principles have been strengthened regarding access and complaint procedures, two of the EU's main concerns.

However, from a European perspective, even this new version offers weak data protection compared with the European Union's Data Protection Directive. The document refers to US laws which "effectively" protect personal data privacy. Where a US organisation is subject to them, it "qualifies for the safe harbor to the extent that its activities are governed by such laws or rules." The problem is that none of the US privacy laws match the Directive, even within their sectoral scope, with the partial exception of the Fair Credit Reporting Act. Secondly, major companies have many products and services, some of which are more subject to privacy regulations than others. Who would know which business activity is regulated and which is not? Consumers would also have difficulty in knowing which data is shared within the organisation or disclosed to others. Is it possible to bridge this gap at the EU-US summit to be held on 21st June in Germany? Should employee data (p.11) be treated separately?

I am pleased to announce that, as a result of our focus on these issues, Privacy Laws & Business has won a contract with the European Commission to assess the adequacy of particular third countries' data protection laws and sectoral provisions in comparison with the EU Directive. These assessments provide evidence to support policy decisions on managing flows of personal data from the EU to third countries.

Stewart Dresner, Director

PRIVACY LAWS & BUSINESS