While the United States has procrastinated on piecing together a comprehensive privacy protection law, the European Union has had a privacy regime in place since 1995. The governing document for this regime is the Data Protection Directive, which has been incorporated into the laws of the EU member state in slightly different forms. In the absence of any comparable US privacy framework, the principles established by the Data Protection Directive have become the most influential privacy framework in the world.
But although it is comprehensive in many ways, the Data Protection Directive has significant weaknesses. Erratic enforcement and uneven implementation have left consumers and industry confused as to how the Directive’s principles apply to emerging practices. To address these weaknesses and provoke conversation about whether new types of privacy-related rights may be appropriate 15 years after the Directive’s creation, the European Commission recently held a consultation on the Directive.
Read more »