PLEASE NOTE: Our website uses a technology called cookies to improve your experience. One of the cookies we use is essential for parts of the site to operate and may have already been set. You may delete and block all cookies from this site, but parts of the site will not work. For more information see our privacy policy.

To accept cookies from this site (and hide this notice) please check this box and click the continue button.

HomeThe IssuesOur ServicesOur TeamPublicationsTestimonialsNewsletterContact us

On the case - January 2009

Don’t be seduced by an international data protection regime

If you are a data protection commissioner, nirvana might be a place where data protection rules are the same everywhere in the world and the privacy of the individual is guaranteed no matter where they live. For embattled international direct marketers who struggle to understand local data protection laws and their annoying variances this view of the world could seem very seductive.

Imagine… more worrying about whether the law of origin or law of destination applies; no more concerns about whether the sign up has to include an opt-in or an opt-out; no need to wrap personal data in cast iron contractual clauses just to get it from A to B. Sounds great, doesn’t it?

Unfortunately the reality may be less palatable producing an unwelcome harmonization of restrictions at the highest possible level.
One of the seven resolutions recently adopted at the International Conference of Data Protection and Privacy Commissioners (where 78 national data protection commissioners came together in Strasbourg for a privacy “love-in”) expressed the “urgent need for protecting privacy in a borderless world” and called on the International Law Commission of the United Nations to continue its work towards a global regime.

But how could this mythical regime create a balance between what the commissioners themselves recognise as the significant “privacy disparities” to be found around the world?

Perhaps a hint of what might be ahead is that the first proposer of this resolution is the Spanish Data Protection Commission - known to be amongst the hawks when it comes to enforcement and especially tough on exporting data. Reading on, marketers might feel a frisson when they see that the Commissioners plan “To elaborate a set of principles and rights which, while reflecting and complementing existing texts, aim to achieve the maximum degree of international acceptance ensuring a high level of protection.” I think we all know what that means.

The borderless world of the Internet is clearly under the spotlight, “Borderless……because the tools of the digital society (search engines, social networks, RFIDs, geolocalisation, biometrics, and so on) accompany everyone at each stage of life by leaving permanently individual and borderless traces in both space and time.” It is perhaps no co-incidence that two of the other resolutions attacked Social Networking and Children’s Online Privacy.

It is just possible that this privacy heaven may be a marketers’ hell.


Other recent items: