- Minding the gaps
Minding the gaps
The digital economy requires no passport… no special visa. But there’s a problem: different legal systems and cultural norms about privacy make the flow of information across borders a complicated undertaking.
Regulators around the world are struggling right now with how to bridge the various regimes. Data flow can foster economic growth but must respect the privacy rights and expectations of citizens.
Events are unfolding daily that will have global reverberations in the privacy arena. Here’s a look at three current international developments.
The General Data Protection Regulation
After a four-year marathon, an agreement has finally been reached on the reform of Europe's data protection laws. The new General Data Protection Regulation – expected to be formally adopted in the coming months – retains and expandsprivacy rights … supporting a single digital economy across Europe. Most crucially, it reminds people of their data protection rights and organizations of their data protection responsibilities. The new regulation contains many compliance requirements and stronger enforcement. It sets a high water mark for data protection that will reverberate and affect privacy regimes around the world, including in Canada.
Another development with global significance is the off-again, on-againEU-U.S. Safe Harbour agreement…. the 15-year-old arrangement that governed data transfers between the European Union and the U.S. A complaint by Austrian activist Max Schrem, alleging that the data he provided to Facebook was not adequately protected by the agreement, shone a light on a defect of the basis for Safe Harbour. That defect was that Europeans lack redress rights under U.S. law. On October 6, 2015, the European Court of Justice invalidated the adequacy finding on which Safe Harbour is based. This decision of course affects not only Facebook but also thousands of other U.S. companies that do business in Europe. Both sides need to find a link between these regions historically divided by different perspectives on privacy. We recently learned that negotiators have agreed on a framework for Safe Harbour 2.0. This is a first step forward in bridging the regimes, but there are still challenges ahead. One thing we do know is that there will be a stricter regime for U.S. companies.
The Canadian government signed the Trans-Pacific Partnership, or T-P-P, on February 4, 2016, along with 11 other nations. It will be the subject of significant Parliamentary debate and public discussion in the coming months. And of course the deal won’t be sealed unless there is a majority vote supporting it in the House of Commons. Questions are being raised about the impact of this agreement on the data localization requirements in BC and Nova Scotia laws. While the TPP contains exceptions to the general requirement for the free flow of data, some worry that they could be difficult to rely on. I am optimistic that our current privacy safeguards will be maintained through this trade deal. When I talk to British Columbians, they want assurances that their data is shielded from foreign law enforcement orders. The good news is that the BC government has recently committed to retaining current protections in our law.