The Apple/FBI standoff is being closely watched in the U.K. and elsewhere in Europe, experts said in interviews this week. The company is resisting FBI and Justice Department requests to help the FBI break the encryption on an iPhone used Dec. 2 by one of the attackers in San Bernardino, California (see 1602170068). The ensuing legal battle in federal court in California sparked a House Judiciary Committee hearing Tuesday (see 1603010013) and requests by some legislators and industry for Congress to empower a panel to give guidance (see 1602290074).
Dugie Standeford
Dugie Standeford, European Correspondent, Communications Daily and Privacy Daily, is a former lawyer. She joined Warren Communications News in 2000 to report on internet policy and regulation. In 2003 she moved to the U.K. and since then has covered European telecommunications issues. She previously covered the U.S. Occupational Safety and Health Administration and intellectual property law matters. She has a degree in psychology from Duke University and a law degree from the University of Tulsa College of Law.
Documents detailing Privacy Shield, safe harbor's successor agreement for trans-Atlantic personal data flows, emerged Monday from the European Commission. EU data protection authorities (DPAs) in the Article 29 Data Protection Working Party will now analyze the text "with great attention" before finalizing a draft opinion to be approved at an April 12-13 plenary meeting, the WP said Monday. U.S. bulk data collection is likely to remain a key concern for DPAs, said Hogan Lovells (London) privacy attorney Eduardo Ustaran. Max Schrems, whose challenge in the European Court of Justice (ECJ) led to the abolition of safe harbor, predicted further lawsuits. Industry groups welcomed the text; privacy and consumer rights advocates bashed it.
Europe has made progress in the digital arena since last year, but continues to lag behind the U.S. and some other countries, said Digital Economy and Society Commissioner Günther Oettinger at Thursday's webcast Brussels Digital4EU conference. The 2016 Digital Economy and Society Index (DESI), also released Thursday, measured 30 indicators in all 28 member states. Results showed that although there is forward movement in connectivity, digital skills, public services and other areas, the rate of progress is slowing. "We have to catch up; we're in a race," Oettinger said. Europe has some big players but, unlike the U.S. and some other nations, no clear strategies for developing new digital services, apps and smartphones, he said. The European Commission will publish its first report on digital progress in all 28 member nations in May, he said.
Pending and approved U.K. telecom mergers are heightening attention on EU and national competition regulatory approaches, lawyers and consultants told us. With the approval without conditions last month by the U.K. Competition and Market Authority (CMA) of the BT/EE merger, all eyes are now on what the European Commission will do about the proposed link-up of Hutchison's Three and Telefónica's O2. These and other tie-ins continue to raise questions about how many mobile players are needed for a competitive market and whether consolidation boosts network investment. "It is very interesting times," said Hogan Lovells (London) technology and telecom attorney Don McGown.
European data protection officials are largely in the dark about the EU-U.S. Privacy Shield, said Article 29 Data Protection Working Party (WP) Chairwoman Isabelle Falque-Pierrotin at a Wednesday media briefing. The new arrangement for the trans-Atlantic transfer of Europeans' personal data was announced Tuesday to cheers from industry and skepticism from privacy groups and others (see 1602020040). The WP hasn't seen the documents, so it can't analyze them to see if the new regime is legally binding and relieves all of the concerns raised by the European Court of Justice (ECJ) Schrems decision, Falque-Pierrotin said.
Cyberspace good guys and bad guys have both become more advanced, said the European Union Network and Information Security Agency (ENISA) in a 2015 threat landscape report. While the good guys have shown better cooperation and more orchestrated reactions to cyberthreats, the bad guys "have advanced their malicious tools with obfuscation, stealthiness and striking power," it said. Cloud and mobile computing are the top emerging threats, it said. EU-wide cybersecurity rules are expected to be finalized by summer, said an EU diplomatic source.
Despite a continuing lack of consensus on a new safe harbor agreement, talks between the EU and U.S. are moving quickly, stakeholders said in interviews last week. Those involved are optimistic because there's momentum, said Linklaters (Brussels) privacy and data protection lawyer Tanguy Van Overstraeten. The EU Article 29 Data Protection Working Party (WP) said Oct. 16 if there's no new arrangement with the U.S. by the end of January, and depending on assessment of other data transfer tools, national data protection authorities (DPAs) would take all necessary and appropriate actions, including enforcement, to ensure personal data sent to the U.S. are protected (see 1510160030).
Responses to a European Commission inquiry into possible regulation of Internet platforms show strong opposition to upping the responsibility of service providers for policing content and to the EC's very definition of an online platform. Telco, Internet, consumer and digital rights groups agreed on several of the key issues raised in the consultation on the regulatory environment for platforms, online intermediaries, data and cloud computing and the collaborative economy. The consultation ended Wednesday, and the EC said it will now assess and summarize the results in a report. The commission hasn't posted the responses, but several organizations released theirs and others made them available to us.
Google and Microsoft are among companies that dominated EU lobbying in 2015, said public interest group Transparency International (TI) in December. Last year saw heavy lobbying by the corporate sector on digital economy issues, with Digital Economy Commissioner Günther Oettinger having the most lobby contacts, it said. As lobbying in Brussels heats up, it's also becoming more transparent, TI and others said. The European Commission said it's readying a proposal to make the transparency register mandatory, and several members of the European Parliament (MEPs) are posting records of their meetings with lobbyists. Despite problems such as inaccurate registrations and the predominance of corporate lobbyists, 2016 could be the year when Europe sees major changes in transparency, TI EU Integrity Policy Officer Daniel Freund told us.
While details of the EU General Data Protection Regulation (GDPR) remained sketchy Wednesday because the text of the compromise isn't public, the measure is widely viewed as a major development -- be it good or bad. Privacy lawyers said the legislation will strongly affect the way companies handle data protection responsibilities, partly because of the new, higher penalties. "This will deliver the biggest shake-up in privacy regulation for 20 years," wrote Linklaters (Brussels) Global Head of Privacy and Data Protection Tanguy Van Overstraeten. One industry coalition said the GDPR will scare off investors, while telecom network operators said the agreement will leave in place conflicting rules for telcos and Internet players. Digital rights activists and ISPs said the legislation seemed to lack the ambition of the original European Commission proposal.