European Affairs Director's Message
by Marika Konings, CSIA Director of European Affairs
Marika Konings
hosted the RSA Conference Europe 2007 Panel Keynote: Data Security and Breach Notification Requirements: Pros and Cons |
E.U. Constitution “no”, but E.U. Treaty “yes?” On 18-19 October, E.U. leaders met in Lisbon, Portugal, for an Informal Council meeting to agree to the final text of the new E.U. Treaty. After voters in France and the Netherlands said “no” to the proposed E.U. Constitution, E.U. Member States toned down their ambition by removing controversial parts such as the label “constitution” and references to the symbols and the anthem of the E.U.
The new streamlined Treaty aims to bring the E.U. closer to its citizens and reform the E.U.'s institutions and decision-making process to cope with the recent stream of enlargements. Nevertheless, there are still a number of hurdles that need to be cleared before a final agreement will be reached.
E.U. Member States and Members of the European Parliament have clashed on a number of occasions in recent months over the balance between data protection and counter-terrorism measures such as in the SWIFT case and PNR agreement. |
One of those hurdles is the question of how personal data should be kept and accessed. As reported in this month's E.U. Cyber Security Briefs, under the current draft, personal data could be passed on to third countries without the oversight of E.U. institutions such as the European Parliament and the European Court of Justice. It would be up to the E.U. Member States to decide on the rules for processing personal data in the context of foreign relations, which would include the already controversial PNR agreement.
Members of the European Parliament have already expressed their dismay over this proposal, noting “it's a small point with huge consequences.” E.U. Member States and Members of the European Parliament have clashed on a number of occasions in recent months over the balance between data protection and counter-terrorism measures such as in the SWIFT case and PNR agreement.
At the same time, a new proposal on the review of the ePrivacy Directive, which is expected to introduce data breach notification obligations, is set to be adopted in mid-November. Furthermore, the Commission is to assess the need for new measures in the fight against identity theft. These are some developments that highlight the importance the E.U. gives to data security and the protection of sensitive personal information.
If citizens feel that there rights are being squandered, adoption of the E.U. Treaty will not bring the E.U. closer to its citizens. |
As for the adoption of the E.U. Treaty, although Ireland is the only country that is bound by its constitution to hold a referendum, others like Denmark and the UK are still contemplating on how final ratification should be carried out. However, it is clear that if citizens feel that there rights are being squandered, no matter how the adoption will be carried out, it will not bring the E.U. closer to its citizens.
Marika Konings
Director of European Affairs