All-out Lobbying in the EP to Sell Our Privacy: Act Now!

*** UPDATE — 18 February 2013: publication of the "compromise amendments" dated February 18th ***

Paris, 13 February 2013 — After the US corporations' victory in the European Parliament's “Consumer” committee (IMCO) in late January, more committees will cast their opinion votes on the data protection regulation next week1. As lobbying pressure from industrial actors intensifies, La Quadrature du Net publishes the “compromise amendments” currently negotiated in the “Industry” (ITRE) Committee to illustrate how the protection of our privacy is under attack. Citizens must react by urging Members of the Parliament to impose tough safeguards against the commercialization of our private lives and behaviour online.

Scheduled, respectively, for the 20th and the 21st February, the “Industry” (ITRE) and the “Employment” (EMPL) committees' opinion votes are rapidly approaching. As did the “Consumer” committee (IMCO), who voted to weaken safeguards for citizens' privacy, both of those committees have to vote on their opinion on the draft report of the “Civil Liberties” (LIBE) committee2. Opinion votes can have a major impact on the LIBE's report, and in the end, on the final vote.

The lobbying by US companies, joined in the case of banks and insurance companies by their European counterparts, is extremely strong and relentless.The website clearly shows that changes proposed by lobbyists have gone verbatim into amendments tabled by MEPs. To illustrate how protection of our privacy is currently under attack, La Quadrature du Net publishes the "compromise amendments"3, dated February 6th, currently being negotiated in the “Industry” (ITRE) committee. These proposals from MEPs copied in some cases directly from lobbies, are tabled on Sean Kelly's (Ireland - EPP) draft opinion, the rapporteur for the ITRE committee. Most of the compromise amendments attempt to modify the report by relaxing the obligations made to actors collecting personal data. They are still under negotiation and may be adopted by the committee during its vote of the 20th February. The text in bold characters in the following examples indicate the additions suggested by MEPs:

CA 41
Article 7 – paragraph 3
3.The data subject shall have the right to withdraw his or her consent any time. If the consent is part of a contractual or statutory relationship the withdrawal shall depend on the contractual or legal conditions. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. It is acknowledged that the withdrawal of consent can lead to the termination of the service and of the relationship with the controller.

Aims at replacing the right to withdrawal of consent to collection, processing or storage by a contractual obligation, controlled by companies.

CA 62
Article 31 – paragraph 1
1. In the case of a personal data breach relating to special categories of personal date, personal data which are subject to professional secrecy, personal data relating to criminal offences or to the suspicion of a criminal act or personal data relating to bank or credit card accounts, which seriously threaten the rights or legitimate interests of the data subject, the controller shall without undue delay notify the personal data breach to the supervisory authority.

Replaces the obligation of notification of a breach of personal data by obligation of notification of certain types of data.

These amendments are currently being negotiated, and as such, are still subject to change. In order to allow all citizens to take action against these dangerous proposals, La Quadrature du Net encourages citizens to use its Piphone, a campaigning tool allowing to call targeted MEPs, free of charge. From next Monday4 until the votes, EU citizens can call their MEPs and demand the protection of their rights and freedoms, by the adoption of strong safeguards for their privacy. Here are the key messages to use while calling MEPs:

  • Defend the principle of explicit, informed and for specific purpose(s) consent, no more, no less
  • Delete any mention of “legitimate interests” (for corporations to bypass privacy safeguards)
  • Protect all personal data, even if pseudonymous or encrypted, refuse that absurd concept of “pseudonymous” data be used as derogation to safeguards
  • Oblige both “controllers” and “processors“ of personal data to protect it
  • Ensure that every breach of personal data be notified to the relevant bodies, and severely sanctioned if harmful and done on purpose

“After the citizen defeat in the Consumer committee, it is time to act to protect our fundamental right to privacy. European citizens should act to urge their MEPs not to give in to the lobbying from giant companies that sell our personal data. If our elected representatives want to protect the general interest rather than some private interests, they must get involved and adopt strong safeguards against the abusive collection, process and trade of our personal data.” concluded Jérémie Zimmermann, spokesperson for citizen advocacy group La Quadrature du Net.

To get more information and discuss this, you can visit our forum.

  • 1. The Industry (ITRE) committee will vote on its opinion on the 20th February, and the Employment (EMPL) committee will vote on its one the 21st February.
  • 2. The LIBE committee, with the rapporteur Jan Philipp Albrecht (Germany - Greens/EFA), is the main committee working on the revision of the European regulation concerning the protection of personal data (95/46/EC): its final report, which must into account the opinions expressed by the IMCO, ITRE, EMPL and JURI committees, will call the whole European Parliament to vote in favour or against the new Regulation during the final vote in plenary session.
  • 3. Compromise amendments are amendments negotiated before a vote between political groups to replace regular amendments. If they reach an agreement, MEPs vote only on the compromise amendments and avoid a long review of all amendments tabled on a text.
  • 4. MEPs are currently in break.