Buttarelli: No compromise on data protection reform Posted by Mike on 04 June 2015

Data Protection Supervisor Giovanni Buttarelli says there is no room for mistakes, as the European Commission, Parliament and Council meet to negotiate the new legislation, next month.

Buttarelli took office last December as the EU privacy watchdog, facing into a new regulation and the deterioration of Safe Harbour.

"There are specificities at national level. But we cannot give too much space to adjustment, derogations, clarifications that can simply reintroduce through the main door what we are throwing out through the window", Buttarelli said to EurActiv recently.

"The current discussion about the scope of application for public security, for the public sector, is to be carefully analysed".

Germany previously was opposed to changing the rules that apply to private industry and the use pf personal data, to the public sector. Last week, in Brussels, German Interior Minister Thomas de Maiziere said of these changes, "That wasn't so easy for us Germans to accept, but we've done it".

Buttarelli commented on the March solution proposed by the European Council on the 'one stop shop', in which a European Data Protection Board of national authorities would intervene when cases are referred to it.

"The challenge is to find a reasonable mix between the activity of just one body, as it's entitled to adopt a binding position. But at the same time, to ensure the principle of proximity, meaning the data subject should not be forced to go to the other side of Europe to simply exercise a standard right in his country", Buttarelli said.

Within the next month the European Court of Justice is due to reach a decision on Safe Harbour.

"More than in danger, I see Safe Harbour in dead waters", he said.

"The two deadlines to find an agreement have both expired. May last year, May this year. We are aware of the difficulties, but at the same time, it's time to have an answer from the US side. On the commercial dimension and on the national security exception".

"Safe Harbour, though not entirely satisfactorily from a European data protection viewpoint, has been playing a role," Buttarelli said.

"Today, we can't image that the intensive set of transfers of data from Europe to the US could be covered only by consent or by contracts or clauses or by binding corporate rules. This explains why more than 4,000 companies have been making use of Safe Harbour. So if we abandon it, it will be replaced by something else. Why necessarily move to something else when you can simply make the existing safeguards more effective in practice?"