The European Union has given itself a modern data protection regime. What is missing, warned UN special envoy Joseph Cannataci in a panel of experts on the occasion of the 40th birthday of the Council of Europe’s data protection convention (Convention 108) at the conference “Computers, Privacy and Data Protection” , is simply the political will for effective enforcement.
“We have passed laws, but the governments are always finding ways to circumvent them with exceptions,” criticized Sophie in’t Veld, a member of the European Parliament. In’t Veld has been a long-term plaintiff in numerous data protection lawsuits in Europe and the USA for a decade and a half.
The Liberal criticized in particular the special rights that are still asserted for intelligence services. Last but not least, it is inconsistent, according to in’t Veld, that sovereign rights are insisted on when it comes to demands on the services and their supervision. But they should work more together and exchange data. In’t Veld described the ongoing discussion on the Brexit issue of data transfers to the United Kingdom as shadow boxes. “Of course we all know that the United Kingdom does not have an adequate level of data protection,” said the Dutch woman. Because the British have already agreed to the transfer of data across the Atlantic through their Cloud Act agreement with the USA.
Political instead of legal considerations would also have Adequacy decision Headed in favor of Japan, criticized Cannataci. “The EU should never have issued this notice,” he said. Because compared to Japan, the United Kingdom is a prime example of good data protection. The charter for Japan will also complicate the upcoming negotiations with the US, he fears, because “why should the US accept higher standards than Japan?” In addition, the community will have to be asked why US services should meet higher requirements than some services in the member states. Cannataci expressly welcomed the fact that the newly drafted Convention 108+ no longer excludes secret services in principle.
The Federal Commissioner for Data Protection, Ulrich Kelber, reported that the Federal Government also used the fact that data protection issues for the police and criminal prosecutors were removed from the General Data Protection Regulation to take its time with the implementation of Directive 2016/680. The member states actually had to implement the directive by May 6, 2018, he warned, and Germany had exceeded this deadline by 1000 days at the key point of the international data protection day. “I can only complain about data protection violations with the federal police and customs investigation. Without national laws I lack effective enforcement powers,” Kelber communicated yesterday by Press release With.
The British who have resigned must definitely comply with the Police and Law Enforcement Data Protection Directive. At least that’s what the ongoing process demands.