WFA claims EU data-protection proposals threaten digital innovation

As reported by Marketing, the European Commission has proposed new data-protection laws that would allow regulators to fine companies up to 2% of their global annual turnover for serious violations, such as processing sensitive data without an individual's consent. The proposals also seek to require explicit consent for processing of personal data and give individuals more control over their personal data, including the ability to be digitally “forgotten” by an organization that has no reason to retain their data.

The WFA’s arguments against the proposals, which face a long period of discussion and revision before they would become law, center on painting the regulations as too broad. For example, the WFA states, proposed definitions of terms such as “data subject” and “personal data” encompass a “virtually unlimited” scope of information and would mean that an anonymous online identifier (such as found in a browser cookie) would have to be protected just as carefully as an individual’s full name or credit card number.

Likewise, the WFA says, requiring a single form of explicit consent for all categories of information ignores the reality that placing a cookie is far different from, for example, asking about religious or political beliefs. By requiring the same consent for all types of information, the proposals risk creating “consent fatigue” among users, who would begin to unthinkingly consent to every interruption and therefore undermine the intent of the regulations, according to the WFA.

"There’s no denying that the current data-protection framework needs updating,” said Stephan Loerke, WFA managing director. “But [this] proposal would have damaging consequences for jobs and our economy. It would stifle both growth and innovation across Europe – the opposite of what is needed in the current economic climate.”

The WFA also called attention to its own “self-regulatory initiative” for data collection surrounding online behavioural advertising.