A More Protective Europe (about personal data)

Although we in America have certainly had dark portions of history that lend to general feelings of privacy and protection of that privacy, it is clear that individuals of the European culture are more sensitive to an invasion of their private information and know too well what happens when individuals in power pry too far and what can be done with that collected personal/private information.

According to Euronews (which also includes a good video about this topic), “more than 70% of Europeans are worried about what happens to their data online”. New proposals for privacy laws and reform have included:

  • Easier access for users to their own personal data
  • Easier transfer of data from one service provider to another
  • A ‘right to be forgotten’, making it easier to delete data
  • A requirement for websites to have “privacy by default”
  • One set of rules across EU and tougher fines for breaches

Although there are changes…“The Director of Privacy International, Simon Davies, said: ‘Well, some of the changes are long awaited and they’re much needed. They fall short in some respects, because it’s still the case that privacy in Europe is based on trust. And it doesn’t matter how hard the commission tries to enforce privacy, while the willingness is not there from industry and government, we’re still going to end up in a surveillance society.'”

From the Safe and Savvy Blog, this has been one of the most clear breakdown and comparison of different situations where US and Europe differ when it comes to privacy:

The Workplace

EU
In the EU even your personal correspondence on your work computer is protected. Thanks to Data Protection Directive employers not only have to notify employees if any private data is being monitored, they also have to prove there is a good reason to do so.

US
As Melissa Ngo, the publisher of Privacy Lives, points out, in the United States, “Employees have few privacy rights in the workplace.” In most cases, employers can even read personal email sent on a work computer, even if the mail is not stored on work servers.

Recruiting

EU
It is even against the law for companies to Google a job applicant in Finland. Germany isconsidering a law that would make it illegal to look up an applicant on Facebook . In general, public information may be viewed. But companies must explicitly state what information they keep and how they use it in accordance with the Data Protection Directive.

US
Nearly 90% of American companies use LinkedIn for recruitment.  A recent decision by the Federal Trade Commission indicates that the last seven years of your social media activity may be fair game in a background check.  Americans should expect that any public post that includes their name may be accessed by a potential employer.

State Surveillance

EU
When the Chaos Computer Club (CCC) identified a software backdoor, which they claimed was being used by the German government, many assumed this was in violation of the German constitution. In fact, the German Federal Constitutional Court declared in 2008 that the “integrity in information-technology systems” is a “fundamental right”. However, German courts have approved over 50 requests by law enforcement to use spyware. So in Germany, at least, spyware is being used by law enforcement, with courts supervising the activity.

US
Government documents indicate that the US government is using spyware to track persons of interest, sometimes without a warrant.  Potential government surveillance seems to be an accepted fact of American life as the PATRIOT Act is continually renewed.

(Note: F-Secure joined several anti-virus makers in blocking the German federal malware, though no F-Secure customers had been infected by the backdoor. F-Secure Labs has never been asked to ignore a government backdoor, and would never do so.)

Right to Be Forgotten

EU
The European Union has stated that its citizens should have the right to be forgotten online.  This means that  “individuals should have the right to have their data fully removed when it is no longer needed for the purposes for which it was collected.” Europe v. Facebook has been advocating that European Facebook users petition the world’s largest social network for a copy of their data. European law gives all citizens the “right to access” such data but the site says Facebook has been ignoring this.

US
US citizens currently have no “right to be forgotten” though the Privacy Act of 1974 requires that all companies disclose how customer data will be used.   Senators John Kerry and John McCain have proposed the “Commercial Privacy Bill of Rights Act of 2011” which includes a reasonably scoped “Right To Be Forgotten”. That bill is currently in committee.

***

In April, Google decided to end Street View in Germany. The decision came after a protracted battle with German citizens who saw this initiative to create a digital image record of the country’s public streets as an invasion of their privacy.

Google met no such widespread opposition to Street View in the United States where many realtors and real estate sites depend on Street View to maximize a property’s exposure to potential buyers.

Other quality articles about this topic:

http://blogs.wsj.com/digits/2011/09/29/europeans-to-facebook-wheres-my-data/

https://www.eff.org/deeplinks/2012/01/flawed-data-retention-directive

http://www.simplysecurity.com/2011/09/22/us-could-learn-from-european-data-privacy-practices-critics-say/

http://www.pcmag.com/article2/0,2817,2399931,00.asp

Advertisements


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s