Get in the ring: US, Europe vow to bash out Internet personal privacy protection

Google, Facebook privacy activities targeted by EU in past

When it comes to protecting personal privacy on the Internet the United States and European Union have often clashed. And it's likely the future won't be much better. But officials from both sides of the ocean say they are now committed to fixing the problems that have kept the two worlds - which some say includes over 700 million users - apart.

Today the US Department of Justice issued a statement: " On March 28, 2011, the European Union and the United States opened negotiations on an agreement to protect personal information exchanged in the context of fighting crime and terrorism.   The negotiations will build on our long-standing, robust cooperation and agreements in this area. The United States and the European Union are committed to ensuring a high level of protection of personal information, while fighting crime and terrorism.   The United States and the European Union are strongly determined to reach, without delay, an agreement that will advance our mutual goals."

More on security: 20 hot IT security issues

Details about how such an agreement would work remain to be hashed out and it sounds like much hashing will be needed.  

From Reuters:  "The crux of the issue for Europe comes down to delivering strict measures to protect individuals, so that companies must, for example, respect an individual's "right to be forgotten" -- ensuring that their data are erased if they so wish. The United States has tended to prefer giving companies responsibility for policing themselves, with the obligation to sign up to codes of conduct, not to meet specific legislation. While the EU wants websites to require user-consent every time their data is used, consent forms tend to be long and difficult to understand, and the EU has remained tight-lipped on what user-consent will look like.  The EU is considering how elements of US-style self-regulation could be integrated into its Internet privacy regime without losing legal rigidity."

You can get a flavor of how difficult US and EU discussions might be from a speech this week EU Justice Commissioner Viviane Reding.  From the Wall Street Journal: "The first pillar of the European Union's proposition would be "a comprehensive set of existing and new rules to better cope with privacy risks online.  'When modernizing the legislation, I want to explicitly clarify that people shall have the right-and not only the 'possibility'-to withdraw their consent to data processing.'  She said the "burden of proof" should be on data controllers who process data. 'They must prove that they need to keep the data rather than individuals having to prove that collecting their data is not necessary. New EU rules should apply regardless of data location, protecting EU citizens even when the data is stored on a US website.'"

More on regulation: Who really sets global cybersecurity standards?

While she didn't mention them by name Google and Facebook have been in the EU doghouse of late for their gathering and use of personal data.

More on the difficulties of establishing privacy policy, this time from Bloomberg: "Google Inc. and other U.S. Internet companies may be hampered by a multiplicity of data protection rules in Europe and beyond that are "potential barriers to the free flow of information,' a US official said.  Daniel Weitzner, an Internet policy official in the US Commerce Department, said regulators don't always recognize companies' efforts to set basic data protection standards that are adequate to stem abuses of privacy. 'It's awfully difficult to adapt privacy practices for a hundred or more different" jurisdictions. That is a substantial barrier today.'"

In October, the White House National Science and Technology Council said it would set up a multi-agency subcommittee to monitor and address global Internet privacy policy challenges and help address those  challenges through coordinated US government action.  The Subcommittee will aim to strike the appropriate balance between the privacy expectations of consumers and the needs of public industry, law enforcement and other public-safety governmental entities, and others with a stake in the Internet's development, the group stated.

"The public policy direction developed by the Subcommittee will be closely synchronized to privacy practices in federal Departments and agencies, resulting in a comprehensive and forward-looking commitment to a common set of Internet policy principles across government.  These core principles include facilitating transparency, promoting cooperation, empowering individuals to make informed and intelligent choices, strengthening multi-stakeholder governance models, and building trust in online environments," the blog stated.

 Follow Michael Cooney on Twitter: nwwlayer8  

Layer 8 Extra

Check out these other hot stories:

Should smartphones be allowed in the courthouse?

NASA's "images" of life on Mars circa 1975

Welcome to Plato, Mo. (pop. 109) the mean population center of the United States

Men AND women might both be from Mars

FBI: How to be an expert at the black art of cryptography

US slowly, very slowly oozes rare earth assault

NASA star-gazer satellite recovers from 144-hour network glitch

Google Voice gets into Sprint Mobile phones

Gigantic changes keep space technology hot

NASA satellite goes where no other spacecraft has gone before: Mercury orbit

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2011 IDG Communications, Inc.

IT Salary Survey: The results are in