<h1>How Europe is dealing with online privacy</h1>
<div class="cnnByline">By <strong>Viviane Reding</strong>, Special to CNN</div><br><em><strong>Editor's note:</strong> <a href="http://ec.europa.eu/commission_2010-2014/reding/index_en.htm" target="_blank">Viviane Reding</a> is the vice president of the <a href="http://ec.europa.eu/index_en.htm" target="_blank">European Commission</a>.</em>
<p><strong>(CNN)</strong> -- Today, we live in a world of breathtaking
possibilities. We can send instant messages to our loved ones on the
other side of the world at the tap of a finger. We can share vacation
photos with friends in real time. We can entrust our private data to a
cloud service provider without having to worry about storage space.</p>
<p>All this technological advancement helps drive innovation, growth and
job creation. In Europe, we are embracing these changes. But alongside
progress, we are faced with new regulatory challenges.</p>
<p>In a recent poll, <a href="http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/742&format=HTML&aged=0&language=EN&guiLanguage=en" target="_blank">72% of Europeans said they are concerned about how companies use their personal data</a>.
Worries about online privacy are one of the most frequent reasons for
why people don't buy goods and services on the Web. Our confidence in a
digital future will depend on whether we know that our data will be
safely protected.</p>
<p>Consumers are not the only ones concerned; businesses are, too.
Companies have to navigate 27 sometimes contradictory data protection
rules across the 27 European Union countries. The current rules are
antiquated; they were drawn up in 1995 and predate the widespread use of
the Internet.</p>
<p>That is why, last month, I proposed <a href="http://ec.europa.eu/justice/newsroom/data-protection/news/120125_en.htm" target="_blank">reforming the data protection rules</a>.
Our goal is to make the common market for European goods and services
more accessible to businesses and consumers, boost our economy and set
an international standard for online privacy.</p>
<p>In Europe, the protection of personal data is a fundamental right. This right is clearly stated in the <a href="http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2008:115:0047:0199:en:PDF" target="_blank">European Union Treaty</a> and <a href="http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:en:HTML" target="_blank">legislation</a>. To make this right effective, people need to be in control of their own data.</p>
<p>So, what will the new rules do?</p>
<p>First of all, people need to be informed about how their data will be
used in clear and simple language: what data are collected, for what
purposes and for how long they will be stored. People need to be able to
make an informed decision about what to disclose, when and to whom.</p>
<p>Second, people have to give explicit consent before their personal
data -- contact lists, photos or e-mails -- are used. Companies cannot
use it for purposes other than what was agreed upon.</p>
<p>Third, people will have better control over their own data. They need
to be able to access their own data, to easily take them to another
provider or have them deleted if they no longer want them to be used.
This is what I call the right to be forgotten. We want to clarify that
people shall have the right -- and not only the "possibility" -- to
withdraw their consent.</p>
<p>Finally, individuals must be swiftly informed when their personal
data are lost, stolen or hacked. Online security breaches affect
millions of people around the world. Companies must inform the data
protection authorities and the people affected right away, preferably
within 24 hours.</p>
<p>But the new European Union rules are not only about helping
consumers. They will also help businesses in three key ways. First, they
create legal certainty by replacing the current patchwork of laws in
Europe with a single set of rules for all 27 European Union countries.</p>
<p>Second, the regulatory environment will be simplified by cutting out
red tape when we introduce a one-stop shop for businesses to deal with
regulators. In the future, companies will have to deal only with the
data protection authorities in the European Union country in which they
are based. This will reduce administrative burdens and will save
businesses about €2.3 billion a year.</p>
<p>Finally, the new rules will provide clarity for international data
transfers. Personal data can be collected in Berlin and processed in
Bangalore. We should improve the current system of binding corporate
rules to make these types of exchanges less burdensome and more secure.</p>
<p>The end result is that companies will be able to sell goods and
services under the same data protection rules to the entire European
Union, a market of <a href="http://epp.eurostat.ec.europa.eu/cache/ITY_PUBLIC/3-28072011-AP/EN/3-28072011-AP-EN.PDF" target="_blank">500 million people</a>. What a great business opportunity.</p>
<p>These new rules are designed to stand the test of time. They will
give people control of their own personal data while making life easier
for companies as well.</p>
<p>Online privacy and personal data protection is a global challenge. As
Europe tackles reform, I hope these proposed rules will inspire other
countries that are grappling with privacy issues, like the United
States.
</p><div class="cnn_strycntntrgt"><br>
</div><br clear="all"><br>-- <br>Art Deco (Wayne A. Fox)<br><a href="mailto:art.deco.studios@gmail.com" target="_blank">art.deco.studios@gmail.com</a><br>