Data Protection Day is an annual event organised by human rights organisation Council of Europe that takes place every 28th January.
Launched eight years ago – and known as ‘Privacy Day’ outside Europe – it aims to raise awareness surrounding data protection, an issue that has become increasingly prominent in light of cyber security breaches and NSA surveillance revelations.
But it is not just loose-cannon government agencies and cyber criminals who are threatening data privacy, but businesses as well.
“The problem is the tension between the legal models we have that say we need our data to be protected and here’s the way to do it, and the business models which are based on the processing of data and the greater the amount of data processed, the better those models are in economic terms,” Sophie Kwasny, head of Council of Europe’s data protection unit, told Computing.
That tension, she argued, has created friction between major US tech organisations and European governments, which have different approaches to how businesses should handle users’ data.
“The internet has created this huge shift; there’s a tension between American firms – because most of the internet players are US firms – with a different vision of how this is to be done, so balancing both isn’t easy,” said Kwasny.
Google notoriously ignored European laws when it combined privacy policies for all of its services into one, a move that angered data protection authorities (DPA), with many issuing fines after a continent-wide investigation.
“You had the Spanish DPA fining Google €900,000, the French fined Google €150,000 – it’s ridiculous,” said Kwasny.
“Clearly, being able to give a fine of such a limited amount is irrelevant, it’s a symbolic action.”
[Please turn to page 2]