From the report embedded above (with added links):

Tech companies’ reign over users’ personal data has run largely unchecked in the age of the internet. Europe is seeking to end that with a new law

… the European Union enacted the world’s most ambitious internet privacy law [the General Data Protection Regulation (the GDPR)], even winning support from the CEO of the biggest tech company in America, Apple’s Tim Cook. …

Max Schrems: The default under the European system is you’re not allowed to use someone else’s data unless you have a justification. …

Jeffrey Chester: Americans have no control today about the information that’s collected about them every second of their lives. …

Today, if one of the big tech companies chooses to ignore Europe’s new data protection law it could cost them 4 percent of their global revenues, which for the biggest companies would mean billions of dollars. Those decisions will likely be made here in Dublin, … Ireland’s data protection commissioner Helen Dixon says it’s not going to be business as usual.

Helen Dixon: U.S. internet companies have no doubt that this law is serious, it has serious bite. And all of them are eager to avoid any engagement with that.

Read More »

In today’s Irish Times, this week’s instalment (audio here) in the ongoing mis-adventures of Ross O’Carroll-Kelly (pictured left) intersected with this blog. Ross is a hapless dad and clueless (if ruthless) estate-agent,

New politics certainly make for interesting times. Minority governments are no strangers to defeats, even to two defeats in one day, but yesterday marked another milestone, when the government lost not merely two votes, but votes on two successive legislative amendments. They both related to the protection of children in the Data Protection Bill, 2018. The first will make it an offence to process the personal data of a child for the purposes of direct marketing, profiling or micro-targeting; the second will set the digital age of consent at 16. In fact, seeing the writing on the wall, rather than suffer the indignity – surely unique, even in this era of new politics – of four defeats in one evening, the Minister accepted a third amendment and declined to press a fourth of his own. The third amendment that he accepted will permit not-for-profit bodies to seek damages on behalf of data subjects; and the amendment that he withdrew would have undercut the effect of the third successful amendment. (The three successful amendments are amendments 14, 15 and 115 here (pdf), amending this version (pdf) of the Bill, and debated here). Earlier versions of all three successful amendments had been defeated by the government at every previous stage of the Bill.…

Read More »

In the UK, the Department of Digital, Culture, Media and Sport (DCMS) has today published the Data Protection Bill 2017, to incorporate the General Data Protection Regulation (GDPR) and to implement the Police and Criminal Justice Authorities Directive (PCJAD) (respectively: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC; and Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA; aka the Law Enforcement Directive). The progress of the Bill through Parliament can be tracked here.

In Ireland, when the Department of Justice published the the General Scheme of the Data Protection Bill 2017 (scheme (pdf)), I expressed two concerns, both of which are equally applicable to the UK Bill.…

Read More »