skip to main content
Close Icon

In order to deliver a personalized, responsive service and to improve the site, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. By continuing to use this site and access its features, you are consenting to our use of cookies. To find out more about the way Informa uses cookies please go to our Cookie Policy page.

Global Search Configuration

Ovum view

Summary

January 28, 2016 marks the 10th anniversary of the European Data Protection Day, on which EU institutions draw the public’s attention to privacy issues and the regulatory initiatives intended to address them. The European Commission has undeniably made significant efforts to improve the European framework for data protection, which needed an update. However, many challenges loom ahead and there is still plenty of uncertainty around the outcome of the reforms.

Replacing the Safe Harbor agreement with the US will be difficult due to conflicting interests

The European Commission must be given credit for putting considerable effort into improving data protection rules in recent years. It is unsurprising that it chose to celebrate Data Protection Day by reminding the public that one year before it committed to reaching an agreement on the new Data Protection Regulation and that it delivered on the promise during 2015. The current rules certainly need an update, being unfit for the digital age we live in. However, the EC may have to leave the champagne on ice for now, for at least three reasons.

First, the new reform still needs one final formal approval from the whole parliament; although this should be a formality, it is still a key condition for completing the process. Second, the practical impact of these reforms is still unknown; the rules will only apply as of 2018 and at that point the initial proposal will be six years old. Technology developments could make some of the new rules outdated even in the moment they come into force – particularly given that IoT services will become more widespread and the sharing of personal data will be even further out of users’ control.

Third, and probably the most important point, as the EC itself notes in today’s statement, the framework for transfer of personal data outside the EU remains a key challenge. In particular, the current efforts to replace the Safe Harbor agreement will play a significant role in shaping digital industries, because the flow of personal data to the US (the home of many prominent tech and media companies) is a crucial part of tech companies’ business models. There remains a conflict between diverging interests and US legislators have a tendency to seek a strong level of control over the personal data of foreign citizens in order to tackle crime. These factors could hamper the adoption of a coherent set of rules to safeguard EU citizens’ rights while ensuring that businesses do not face an unsustainable regulatory burden. Negotiations on a new agreement are currently underway, although nothing yet suggests that a meaningful outcome is within reach.

Appendix

Further reading

Data Protection Tracker: 4Q15, TE0007-000955 (December 2015)

“The EU’s new GDPR is a necessary step, but its practical implementation will be problematic,” TE0007-000966 (December 2015)

Current Status and Future Developments in Data Protection, TE0007-000812 (August 2014)

Author

Luca Schiavoni, Senior Analyst, Regulation

luca.schiavoni@ovum.com

Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700


Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 7770704398 or email us at pr@ovum.com

Contact marketing - marketingdepartment@ovum.com

Already an Ovum client? Login to the Knowledge Center now