While ICC supports the goals of the regulation, it warns that its lack
of clarity on certain requirements, together with the excessive burdens it
would place on companies, would chill innovation and weaken the EU’s ability to
attract investment. ICC is particularly concerned about the proposal’s effect
on small- and medium-sized companies.
Christopher Kuner, who Co-Chairs the ICC Commission on the Digital
Economy’s task force on privacy and personal data protection said: “The
protection of fundamental rights and the promotion of innovation and economic
progress, which have been the defining goals of European Union data protection
and privacy efforts for the last two decades, are also the goals of the proposed
regulation. However, ICC believes that changes need to be made to the proposed regulation
to better promote these two goals.”
Drafted by the ICC Commission on the Digital Economy’s task force on privacy
and personal data protection, the ICC comments include recommendations for clarifying
the proposed regulation that could protect individuals’ data without
encumbering businesses working with, or in, the EU.
ICC’s recommendations are based on in-depth discussions with ICC members
from more than 120 companies of varying sizes around the world and with ICC
national committees in over 90 countries worldwide. They focus on three points
of particular concern to global business:
- The need for improved methods to allow for
international data transfers;
- The reduction of unnecessary administrative burdens;
- Increasing harmonization to create a predictable set
of rules and expectations.
Co-Chair of the ICC
task force on privacy and personal data protection, David Hoffman, said:
“Enabling cross-border data flows is essential to further economic growth in
today’s information society. While promoting fundamental rights, the regulation
should also eliminate unnecessary administrative burdens, such as removing
bureaucratic hurdles to information flows.”
Citing cloud computing
and big data as examples, ICC says the EU General Data Protection Regulation
must allow data to cross international borders, as new business models and
services – and economic opportunities – are based on global data flows. ICC
believes that data flows can be structured so as to protect fundamental rights
and the interests of individuals.
The paper concludes:
“This Regulation creates a unique opportunity to promote economic development
across the European Union while furthering shared goals of protecting privacy.
Predictability in how organizations will process personal data can drive trust
and confidence in participation in the digital economy. However, the revised
draft does not fully take advantage of the opportunity for clarity. Instead, it
runs the risk of creating greater uncertainty, which could decrease investment
in the EU and weaken competitiveness. We urge the European Commission, the
European Council and the European Parliament again to look specifically at
language that provides more clarity for decreasing the burdens on international
data transfers, reducing counter-productive administrative burdens, and
promoting harmonization.”
Today’s comments are the latest step in ICC’s long-term contribution to
data protection regulation, both in the EU and worldwide.
Download
the ICC comments on EU General DataProtection Regulation Issues
For
more information on the commission’s work visit the ICC Commission on the Digital Economy
To learn more about EU data protection
visit the ICC Task Force on Privacy and Personal Data Protection