- Daily Zen
Europe’s data protection laws under the General Data Protection Regulation need to be revised to meet the post-pandemic world’s needs, says Alex Voss, who co-wrote the laws.
Axel Voss, an EU parliamentary member, told the Financial Times that it needs “some type of surgery.” The law came into force just three years ago and will soon be put to the vote for ensuring that it becomes the “gold standard for the world.”
Alex Voss sees the need for a revamp of GDPR, considering the Pandemic has changed the way the world conducts its business. Offices have majorly moved into the work-from-home mode, and there has been a widespread adaptation of related technologies.
“We have to be aware that GDPR is not made for blockchain, facial or voice recognition, text and data mining [ . . . ] artificial intelligence,” said the German MEP. “The digital world is about innovation. We cannot stick with principles established in the 80s that do not reflect the new situation we are living in,” he added.
Voss said the present scenario left people vulnerable as they used a host of services under a single-point authentication. “If you have a home office situation and you’re dealing with personal data, you are left alone with numerous legal obligations that are difficult to understand. What are the requirements for dealing with data protection in a private home?”
Voss said that other members of his political party, the European People’s Party that includes German Chancellor Angela Merkel, agreed with his views.
But not everyone is in agreement. Sophie in’t Veld, a Dutch MEP, who was also a co-author of EU’s GDPR privacy law, believes that the current regulation remains fit for purpose. “Is a law ever perfect for every individual and union? No, of course not,” she said. “But we worked on this piece of legislation for five years and we have prepared it better than any other legislation. We spoke to hundreds of companies, academics, privacy experts, civil societies, tech experts, you name it.”
She added: “The idea that we have overlooked something is not plausible. GDPR is also a very general piece of legislation that leaves lots of flexibility for implementation.”
While EU’s GDPR has been seen as a template for the rest of the world, not everyone is happy with it. Small businesses, in particular, are struggling with the rules. They find the cost of compliance high. A confidential draft has outlined the difficulties, especially with the emerging technologies, that have not been dealt with fully and the problems faced by smaller businesses.
“Further challenges lie ahead in clarifying how to apply the principles to specific technologies,” the draft said. “Some stakeholders report that the application of the GDPR is challenging especially for small and medium-sized enterprises (SMEs).”
Meanwhile, the European Commission announced that the UK’s data protection regime complies with the GDPR.
The EU Commission is eager that the GDPR is implemented within the bloc and even outside and is treated as a template to be copied by others.
The law, which also applies in Iceland, Liechtenstein and Norway, has inspired numerous data protection laws around the world.
Article 45 of the GDPR allows the European Commission to determine whether non-EU countries meet the protection level offered to European citizens for data flow or any dispute. The decision of the European Commission is not yet final. In the meantime, data flows between the two will operate through an interim regime included in the EU-UK free trade deal signed last year. This regime expires on June 30.
“Ensuring [the] free and safe flow of personal data is crucial for businesses and citizens on both sides of the Channel,” said Věra Jourová, vice-President of the European Commission. “The UK has left the EU, but not the European privacy family.”
Subscribe to the nation’s fastest-growing CEO magazine where top leaders & executives share sound business advice and interesting insights.