EDPS and EDPS Chair talk about privacy policy in the EU, beyond

There’s a lot happening on privacy in the EU – from a new transatlantic data flow agreement in principle with the US to a series of data laws proposed as part of the EU’s digital strategy. EU, application activities and more.

European Data Protection Supervisor Wojciech Wiewiórowski and Chair of the European Data Protection Board and Head of the Austrian Data Protection Authority Andrea Jelinek shared their views on the latest from a session hosted by Microsoft Vice President and CPO Julie Brill at the IAPP Global Privacy Summit 2022.

Noting that “the devil is in the details,” Jelinek and Wiewiórowski praised both parties for reaching a new transatlantic data privacy framework, an agreement in principle at this stage as details continue to be finalized. Once that happens, the EDPB will be asked to submit an opinion, which Jelinek said “we look forward to doing.”

The EU-US data flow framework has been successfully challenged in court twice by Max Schrems, honorary president of European NGO NOYB. In the likelihood of a “Schrems III,” Jelinek said she hopes the new deal “will be on the right side.”

“I’m very positive about it,” she said. “I believe this agreement in principle is the first step in the right direction… It is our commitment to play a constructive role in securing transatlantic transfers of personal data.”

The transatlantic agreement is not the only big point on the radar of the DPAs. Legislators are developing a series of regulations in the EU. The European Parliament and Council recently reached a provisional agreement on the Digital Markets Act – a regulation targeting online advertising, messaging services and other practices of big tech platforms – while the Services Act digital technologies, the AI ​​law and the data governance law are also proposed.

“What’s interesting is that these acts have different roles for the privacy and data protection world and data protection authorities are interested in different ways,” Wiewiórowski said. “The governance of these solutions is an extremely important subject that affects data protection authorities.

These acts are of course in accordance with the EU General Data Protection Regulation. In June, Wiewiórowski will host a conference in Brussels, titled “The Future of Data Protection: Effective Enforcement in the Digital World”, where the effectiveness of GDPR will be discussed and global stakeholders will connect to discuss. application strategies.

“We don’t believe that in the near future we will have a huge change in data protection legislation in Europe. We are also generally satisfied with the outcome of the GDPR and the application of the GDPR. But we try to anticipate,” said Wiewiórowski. “This is where we want to talk, maybe more from a DPA perspective, but still an open discussion of application experiences and future models. This is not a review of cases that have occurred over the past four years, but a glimpse of what will be the pattern of enforcement in digital Europe.

Wiewiórowski and Jelinek addressed the state of privacy in the United States, where four states have passed laws and regulations have been proposed by several other states, and a federal privacy law has been hotly debated for years.

Wiewiórowski said the EU is “interested” in what is happening in the United States and in the “possibility of having a complete federal law”. He said, “We know it’s not an easy process.”

Jelinek said companies are unhappy with the fragmentation of laws across the United States and said there appears to be a political window for federal legislation.

“We look forward to seeing how they do, what they do, and we are ready to support them with our experience as national supervisory authorities in Europe,” she said.

EU leaders also shared their thoughts on the future of data protection globally, with Wiewiórowski saying there is unlikely to be “a global solution in the foreseeable future”, but this should be discussed.

“Data protection law has shown its possibilities, it has shown its real impact on the quality of data, the quality of cooperation,” he said.

Jelinek sees “increasing awareness” of data protection around the world, which she says is “really important”.

“Ten years ago, data protection was not so mainstream and not so popular. Now everyone is talking about data protection. In Europe, it is a fundamental right. I think the United States is very close to that,” she said. “I think we are on the right track when it comes to data protection, not to mention the opportunities but also the challenges that we will face together.”

Photo by Duangphorn Wiriya on Unsplash

Comments are closed.