Posts Under: EU

SIIA Files Comments on International Internet Policy Priorities

Today, SIIA filed these comments to the Commerce Department’s National Telecommunications and Information Administration (NTIA) on international Internet policy priorities.  The comments are in response to this NTIA Notice of Inquiry (NOI) soliciting stakeholder input.  SIIA’s suggested priorities are summarized below.  The first three priorities are particularly important because they lay the foundation for good international Internet policy, broadly speaking.

more

The Future of Artificial Intelligence (AI) in Europe

The Software & Information Industry Association (SIIA) and the European Center for International Political Economy (ECIPE) hosted a stimulating June 19, 2018  panel discussion on “The Future of AI” in Brussels at ECIPE’s offices.   European Commission Policy Officer Andrea Glorioso, Delft University Professor Jeroen van den Hoven, Elsevier Senior Vice President  for Analytics for Research Products Elisabeth Ling, and Thomson Reuters Global Head of Risk Technology Management Solutions Alex Cesar provided perspectives on what it will take for the European Union to achieve the ambitious public and private and investment objectives it has set for itself in its April 25, 2018 Communication on Artificial Intelligence.  It was a privilege to moderate this event, and I thank ECIPE and the panelists for their participation.     Synopsis of Panelist Views Andrea Glorioso noted that the Commission has specifically opted not to pr ...

more

General Data Protection Regulation (GDPR) Entry-Into-Force: Ten Suggestions From SIIA

Tomorrow is May 25 and therefore the entry-into-force of the GDPR.  The European Commission views the GDPR as one of its significant Digital Single Market (DSM) achievements.  The Commission estimates that the DSM could add Euros 415 billion a year to EU GDP and add hundreds of thousands of jobs (see also this document on the economic impact of the DSM).  There is no Commission calculation on what contribution the GDPR would make to this overall DSM estimate (it does say that GDPR will save business some money – see below), but the Commission argues that the GDPR will enhance trust in the digital economy and therefore promote the expansion of Europe’s digital economy. As somebody who has spent a significant portion of the last year on counselling member companies on the GDPR, the immediate compliance burden looms larger than the possible innovation opportunity.  Nonetheless, there is still scope for European regulators and policymakers to interpret an ...

more

“What’s This New European Privacy Law About?”: Demystifying the General Data Protection Regulation (GDPR)

With just over a week until the European Union’s (EU) General Data Protection Regulation (GDPR) goes into effect, companies around the world are coming into compliance with the far-reaching law. Inboxes everywhere have been overflowing with consent notifications over the past few months. If you’re just getting started on GDPR or generally curious, here is a brief overview of the GDPR. Disclaimer – GDPR is broadly written and is context-specific. If your company is in need of compliance help, consider engaging with an outside firm to address your compliance needs.

more

The General Data Protection Regulation (GDPR): Reasonable Implementation Key Now

Today, the Atlantic Council hosted an interesting panel discussion entitled: “Protectionism, Data Privacy, and the Transatlantic Partnership.”  European Commission Digital Affairs Counselor Peter Fatelnig, Atlantic Counsel Distinguished Fellow Fran Burwell, and the U.S. Chamber’s Senior Manager for Digital Affairs Kara Sutton provided a lot of substance and perspective on what is happening in the run-up to the GDPR’s May 25, 2018 entry-into-force.    Appropriately, although the event name started with “protectionism,” nobody discussed the GDPR in those terms.  That is because whatever one’s views are on whether the Regulation really will promote digital innovation in Europe, the GDPR per se is not a protectionist Regulation.  Besides, the train has left the station.  Companies around the world, including SIIA and its member companies, are racing to comply with the GDPR.  Currently, I spend about a quarter o ...

more

Member Resource: New EU Data Privacy Regulations for 2018

In May 2018, the new European Union (EU) privacy and data security regulations will take effect. These regulations, formally known as the General Data Protection Regulation (GDPR), will make many changes from current EU regulations. Even with Brexit, the UK plans to implement the Regulation as well. The challenges can seem daunting, and the stakes are potentially high as the regulators can impose fines for non-compliance as high as 4% of global revenue.

more

ePrivacy Regulation: SIIA Urges EU to Take Needed Time to Fix Concerns About Impact on Digital Content and Services

A piece in DigiDay yesterday draws attention to the fact that publishers are at risk under the draft ePrivacy Regulation under consideration in Brussels. At this time, the draft Regulation is in a state of flux, and the outcome is hard to know, with a possible tightening of the current requirements on cookies. Under the current ePrivacy Directive, often referred to as the “Cookie Directive” publishers merely need to get consent, by having readers click a box that they consent to the use of cookies.  As the DigiDay article points out, the new regulation could empower browsers to play more of a gatekeeper role, which is one of several possible outcomes. SIIA has been active in highlighting the problems for European policymakers.  On July 1, 2016, we filed comments arguing that the proposal should not be extended to software and digital content publishers and over-the-top-content providers, who would continue to be regulated under the more flexible rules of th ...

more

Civil Society Groups are Moving the Goalposts on EU-U.S. Privacy Shield

Human Rights Watch (HRW) and Amnesty International (AI) issued a press release today on a letter and brief the two organizations sent to European Justice and Home Affairs Commissioner Vera Jourova arguing for invalidation of the EU-U.S. Privacy Shield.  The letter and brief can be found here.  On substance of the criticism, these groups continue to sell the U.S. surveillance framework short, failing to recognize extensive transparency and safeguards that underlie the U.S. framework.  That aside, invalidation on these terms is not appropriate because the European Commission’s reasoned and detailed adequacy decision was based on information about U.S. surveillance practices and laws that the Commission had when the decision was released on July 12, 2016. After reviewing the commitments self-certifying organizations would make under the privacy shield and the enforcement mechanisms available under U.S. law, the Commission said, “the United States ensures an a ...

more

France’s Extraterritorial Interpretation of the Right to be Forgotten Goes to the European Court of Justice

Does the EU’s right to be forgotten extend to the whole world?  The French data protection authority, CNIL, says yes and wants search engines to delist search results which contain information that violates the European Union’s right to be forgotten – not just for French users, not just for European users, but for all users everywhere. Google is prepared to remove offending search results for European users, but balks at removing material globally just because European courts find that it violates European privacy rules. 

more

EU-Japan Economic Partnership Agreement Falls Short on Data Flows

Today, the EU and Japan announced political agreement in principle on an Economic Partnership Agreement.  Overall, this should be a positive development for EU and Japanese workers, consumers, and businesses.  But, it does fall short in one crucial regard.  There is no binding data flow obligation yet.  SIIA put out a statement on this gap today.  Instead of a binding data flow commitment now, the two sides agreed to conclude an accord on data flows in early 2018. 

more