The European Data Protection Regulation

The European Union has always been a staunch protector of its citizens’ privacy and protection on the worldwide web. This led them to come up with the Data Protection Directive in 1995, which was nothing but a set of rules and guidelines for companies for securing and ensuring scrupulous use of private data.

But, 1995 has come and gone a long time back. The current scenario of the web necessitates the updation of the directive. In 2006, the EU came up with the concept of The Right to be Forgotten. The rationale behind this concept is that individuals should be able to decide how their private data is stored on the web; if at all. This concept is a reflection of the European ideals which have been associated with forgiveness and the right to move on with one’s life after some mishap. For example, a criminal after having completed his term has a right to equally access the country’s services without any caveats about his past life, which banks, insurance companies and employers may find online.

But, a mere concept was not enough to rein in the big names in internet business. The EU went on a limb to openly find an Anti-Trust Allegation against Google for violating its Directive and also the Right to be Forgotten. According to the charges filed by the European Court of Justice, Google is guilty of deliberately fishing favorable search results in place of more generalized results in its search. It was also accused of favoring its own shopping results algorithm versus that of Amazon, Yelp, EBay, etc. The fact is that Google is actually guilty of all these charges, but the reason why the Court of Justice cannot nail them so easily is the thinly written privacy laws and guidelines.

There is much ambiguity in the way these laws can be and should be applied. But the EU is finally looking to change that. In a notification in January of this year, it was announced that The Data Protection Directive would be replaced by the much bolder and much more concrete European Data Protection Regulation. The change from Directive to Regulation means that it will be universally applicable to all Euro member states, without any caveats and loopholes.

Emboldened by the new regulation, The European Court of Justice has renewed its efforts to bring Google to task on the issue of data privacy. Till now, the court was single handedly going after Google. It was understandable because Microsoft, Yelp, TripAdvisor and some other search companies had been pushing the EU to ensure fair competition. But, in October this year, came a huge blow that was going to affect not just the giants of the industry, but the entire gamut of internet based companies, a major chunk of which lies in the US.

The European Court of Justice ruled the Data Sharing Pact with the United States to be illegal and invalid. The court deliberated that personal data sent to and fro through US servers is unsafe and a violation of its privacy laws. This ruling deals a major blow to all major tech companies in the United States, who would now have to look for data centers in Europe.

The entire proceedings done by the EU are truly in the favor of liberty and personal privacy as well as freedom. However, the big question that arises is why did the EU suddenly decide to be the flag bearer of individual freedom and liberty?

The short answer is that the European Union is spooked. And the thing that spooked it into action is the revelation of massive surveillance operations being conducted by the US on European leaders. In 2013, Edward Snowden leaked classified documents containing sensitive information about government snooping on European leaders, among other people. This whole scandal made the EU come into action and bolster its internet defenses by attacking the theft and handling of its data by US servers.

The result is that some 4500 companies which were till now using US servers to store data from all across the globe, will have to install separate servers in Europe to ensure that their data does not leave the continent.  Quashing of this agreement also means that sooner or later Google will also have to bow down to the EU and make the desired changes to its search algorithms.

This is a big win for the masses at a time when Net Neutrality and other Internet security issues are gaining concern. However, sadly, the rules of this regulation apply only within the European borders.  At a time when India is also being subjected to massive hacks of government and defense installations, it is necessary that the country’s leaders look Westward for inspiration and work to protect the interests of the fast growing internet population of the country.