European Union


Combatting cybercrime and ensuring the safe and free passage of data within the European Union has become one of the agenda front-runner’s for 2017.

On this page we will look at opinions from leading figures within the European Union and insights regarding the cybercrime, data protection and privacy landscape.

Leading Opinions:

Europeans call for stronger protection of their online communications

The European Commission has today published the results of a Eurobarometer survey and a public consultation on ePrivacy, which shows that Europeans want stronger protection, whereas industry and public authorities express more diverse views.

According to the Eurobarometer, a large majority of the respondents consider the privacy of their personal information, their online communications and their online behaviour very important.

The consultation results show that 83% of citizens, consumer and civil society organisations consider it relevant to have specific ePrivacy rules for the electronic communications sector on confidentiality.

Andrus Ansip, Vice-President for the Digital Single Market said: “Europeans want more privacy when they send messages and talk to each other regardless whether it is online or through traditional services. Our aim is to reinforce trust and security in digital services to boost the Digital Single Market.”

Günther H. Oettinger, Commissioner for the Digital Economy and Society added: “We want business to take advantage of data, to innovate and at the same time respect people’s privacy. Our proposal will strike a balance between the need for protection demanded by Europeans and flexibility requested by companies.”

The review of the ePrivacy Directive will complement the new General Data Protection Regulation (GDPR) and will widen its scope to also include services such as internet-based voice and messaging services (“over-the-top” services). The proposal will also simplify the provisions for browser cookies giving more choice to users.

For greater insight into the consultation results, click here.

Liberals and Democrats are concerned about loopholes in EU-US data protection Umbrella Agreement

The ALDE Group in the European Parliament has question marks about the compatibility of the EU-US data protection agreement with the EU treaties. This is the reason why European liberals and democrats proposed the European Parliament seeks an opinion from the Court of Justice. However, a majority of political groups in the European Parliament voted to give consent today to this agreement despite concerns expressed by legal experts of the Working Party 29 and the legal service of the European Parliament.

The purpose of the so called “umbrella agreement” is to ensure a high level of protection of personal information and enhance cooperation between the US and the EU in relation to the prevention, investigation, detection or prosecution of criminal offences, including terrorism.

Sophie in ‘t Veld, ALDE shadow rapporteur for the umbrella agreement and ALDE spokesperson for data protection, said: “We were the first ones to call for a data protection agreement with the US, as the flow of personal data was growing. A set of standards was clearly needed and this agreement represents significant progress in that sense”.

“However, although this new framework certainly strengthens data protection safeguards, legal concerns persist in the “small print” of the Umbrella Agreement”

“The European Commission considers that the commitment from the US government to fulfil the agreement is enough. However, the chances that all elements of the agreement will be effectively enacted are almost null”. “For the Umbrella Agreement to be valid, the US needs to ensure that certain data bases, such as those holding passenger data or bank data (“Swift” data), are no longer exempt from the Privacy Act.  For this to be fulfilled under the Obama administration was already doubtful; with the upcoming Trump administration it seems practically impossible. This is even more important because, once the agreement enters into force, the US are deemed to have fulfilled the ‘appropriate safeguards’ for data transfers required by the recently adopted EU Data Protection Directive for law enforcement”

Furthermore, the Alde group highlights that the right to judicial redress in the agreement is made conditional on the EU allowing the transfer of data for commercial purposes, and it excludes EU residents who are not EU citizens. Sophie in ‘t Veld added: “It is surprising to see that other groups, including the rapporteur of the Green Group, have so much confidence in the upcoming Trump administration with regards to privacy protection. Their argument that citizens may challenge the agreement in court puts the burden on the citizen. It should be for us, politicians, to take responsibility for the protection of citizens’ rights”. “Europe must stop the adoption of pieces of legislation that are not legally sound and declared invalid by the Court afterwards. We should have taken more time if needed, until we were sure that the agreement signed with the US fully respects European legislation”.

“The EU has just upgraded our standards for the protection of our personal data with the approval of the data protection package. We should not lower them again through the back door”.  Jan Philipp Albrecht (Greens/EFA, DE) – EU-US data protection agreement

The European Parliament has by a large majority agreed the EU-US data protection agreement for police and law enforcement authorities (“Umbrella agreement”).

Jan Philipp Albrecht, rapporteur and Green justice spokesperson, welcomed the agreement, which for the first time sets high and binding data protection standards for data transfers.

“Thanks to this agreement, we can now look forward to high, binding standards and strong rights for citizens on both sides of the Atlantic when data is exchanged between police and law enforcement agencies. This should mark the beginning of a new approach when it comes to negotiating fundamental rights, with an emphasis on setting high and legally binding standards, rather than simply ensuring the bare minimum standards are met. 

“I am pleased that we have secured binding clarification that the agreement does not represent a legal basis for new data transfers, but protects the data that is already exchanged legally. Data protection authorities will be able to check compliance at any time.”

Vice-President Ansip’s Speech at ECIPE seminar on the free flow of data

We all accept the reality of how much data is changing the world and the way we live.

Data is intangible. It amounts to a series of facts, numbers and text that have little meaning on their own.

The true value comes only when data is interpreted, analysed and used. Data can make a factory’s production line more efficient.

It can improve the quality of healthcare, create new ways to learn in schools, help to make cars safer, allow buildings to save energy.

It has massive socio-economic value. Data has become a commodity and a resource.

In the late 20th century, it was more a case of starting to think about data or be left behind.

Today, it is about competing for data. The winners are those who possess more data, use it safely and securely, with increasing imagination and ingenuity. competing for data

By doing so, they make the commercial value of data grow – and attract data gatherers to compete for it in the emerging data market.

Data can now be transferred more easily than before. It can be marketed, re-used, aggregated, transformed, bought and sold, within the limits of the data protection rules we have in the EU.

But is this market fluid enough? We think not.

Most economic activity will depend on data within a decade. But if data cannot move freely, its growth potential is limited.

Data should be able to migrate between locations, across borders and within a single data space.

It cannot yet do this in Europe, where data flow is held up by technical and legal barriers.

Your report published today confirms this. It identifies a string of direct and indirect barriers in EU countries on data usage and transfer.

Company records, accounting data, banking, telecoms and government data.

It also concludes that data localisation measures are actually increasing worldwide. So we are seeing a trend towards more rules, not fewer. more not fewer

This also means that EU companies face similar restrictions when they operate in non-European markets – for example, in public procurement negotiations.

Data, digital technologies and services – big data, cloud services, the IoT – can only reach their full potential on the basis of sufficient scale.

Confining data within countries constrains the entire EU data market. If today’s restrictions were removed, it could generate up to €8 billion in GDP a year.

But if the current trends on localisation rules are not stopped, the cost to the EU economy will be much higher than this gain.

This is holding back the Digital Single Market.

It is not good for Europe, its businesses or for these technologies to take off. We are losing out on data’s potential.

I am not a fan of forced data localisation or of data protectionism. For me, the question is not whether to act – but when to act, and how to act. whether when to act how to act

After all, this is Europe’s digital future. Thank you.