Privacy Blog

By: Mary Churan Huang

http://www.irishtimes.com/business/technology/google-eu-s-data-protection-authorities-have-absolute-focus-on-privacy-1.2556597

This article discusses the positions taken by some of the world’s largest multinational companies in respect of the EU’s incoming General Data Protection Regulation (GDPR). The GDPR is set to replace the existing EU Data Protection Directive of 1995. There is a need to update the existing privacy laws in the EU as the technology evolution has accelerated and the current framework does not properly cover critical issues such as social networks and cloud computing. The GDPR is designed to be a more comprehensive and wide-ranging legal framework which will apply EU-wide, transcending any local privacy laws. The GDPR is intended to strengthen and unify data protection within the EU so that there will be one single legal framework within the EU. This would allow for international businesses to more easily comply with the EU privacy framework while allowing for more comprehensive protection for EU residents.

Both Google and Microsoft seems to regard the GDPR as a necessary step in data protection but does not anticipate a major change in their respective companies’ policies as they have already undertaken significant steps to enhance privacy over the years. Microsoft is concerned about the heavy penalties set out in the GDPR and has indicated that the new regime will be a great test of whether their privacy controls are working the way they should be. Google indicated that it will be working closely with the regulators to find a rational way of interpreting some of the ambiguities contained in the GDPR.

Adobe seems to be more critical of the GDPR, expressing its disappointment that the framework is not as unifying as it is intended to be. Adobe is of the view that new framework will still be fragmented and subject to interpretation by local authorities. The responses by these major multinational companies are unsurprising considering that any new regime would bring about much uncertainty. However, all these companies have expressed a willingness to comply and work with the relevant regulators to find a solution.