« Google outs "state-sponsored" hacking (again) | Main | UK law hits both libel tourism and anonymous abuse »

Jun 08, 2012


"More privacy law means more victims of privacy law"?
I'd rather say: "More poor understanding of privacy law means more unnecessary privacy-bashing".
Yes, Europe has "grand principles" regarding privacy and data protection.
That's because, unlike the US, we consider them fundamental human rights.
And rightly so, I might add.
But anyway, without having read the EDPS's opinion (your link is not to the correct document), in general:
- If you can demonstrate that it is really necessary to process the personal data, then this is often possible under current data protection rules, especially for research purposes. But are the data really necessary? Can't they be pseudonymized, for instance? Don't blame privacy laws for your own unwillingness to walk the extra mile required!
- If current data protection do actually prevent processing that is deemed necessary, a legal basis can usually be created.
In other words, you're cyring wolf.

I've corrected the link so it goes to the proper EDPS opinion. You're correct that some Europeans consider data protection to be a fundamental human right. Simply calling something a fundamental human right, though, can't be the end of debate; it should be the beginning. I am pointing out the costs of treating something as malleable as privacy expectations as a fundamental right. You're also right that, in theory, there is a way to solve many of the problems created by the "rights of man" approach; all it takes is more time, more money, more hassle, and more lawyers. Of course, in the real world, anything that takes all those things to get done, doesn't get done. That seems to be what's happened here, where the solution chosen for anonymizing the data doesn't allow researchers to do the kind of detailed research they think is necessary.

The comments to this entry are closed.