Groups take EU privacy fight public

The TransAtlantic Consumer Dialogue coalition, which includes such organisations as the Consumer Federation of America and the U.S. Consumers' Union, said on Wednesday that the U.S. Commerce Department's recent "safe harbour" proposal doesn't go far enough to protect Internet users' data privacy. They urged the U.S. and the EU to work together on an international convention on privacy to safeguard consumer privacy and bolster e-commerce.

The emergence of such widespread opposition could pose a stumbling block to the U.S.-EU negotiations on data privacy, some observers said. The Commerce Department proposal, issued to the EU for consideration earlier this month, would protect from litigation companies that take certain steps to protect users' online privacy. U.S. and EU officials have said they expect the proposal to be adopted prior to their next summit, to be held in June.

The problem, according to some TACD members, is that the proposal doesn't provide a strong enough enforcement mechanism. Others added that the U.S. should have gathered citizen input before issuing the proposal to the EU. "We do not feel that the safe harbour proposal provides adequate enforcement to safeguard the interests of European citizens," said Jim Murray, director of the Brussels-based European Consumers Organisation. "We are also not pleased about the elaborate procedures that consumers would be required to follow to pursue privacy violators."

The TACD said the proposal, offered by the Commerce Department as a compromise aimed at keeping data flowing between the U.S. and Europe even after the EU's strict Data Directive on privacy is implemented, would "undermine the purpose of the Data Directive."

U.S. privacy-watchers also criticised the Commerce Department plan. "We are simply past the day when the government and the industry can propose sweeping policies that affect the privacy interests of consumers without taking the time to seek substantial public input," said Marc Rotenberg, executive director of the Electronic Privacy Information Centre.

Although EU ministers have said publicly they are optimistic about the prospects of reconciling the European concern over data privacy with the desire of U.S. companies to gather certain data from customers, the TACD statement raises questions about whether the compromise is as close as some have said. And while the EU's Data Directive -- which essentially bars companies from collecting data from European citizens if they can't meet a strict privacy standard -- is on hold while negotiations continue, the EU's patience might not hold indefinitely, according to some observers.

The safe harbour plan "has risen from the level of extremely vague to very vague, but is still nowhere near useful," said Jason Catlett, CEO of Junkbusters Corp., a company that makes anti-spam and privacy-protection tools. "I don't see how Commerce can keep (U.S.) companies anywhere near comfortable and still satisfy the Europeans' requirement of effective redress" for misuse of data, Catlett said.

In addition to the resolution opposing the safe harbour plan, the TACD also passed resolutions urging the U.S. and the EU to include consumer groups in their negotiations on implementing the Data Directive, and urging that international rules on data privacy be formulated.