European privacy reform is broken badly

Brussels, Belgium — New leaked documents show that European Union Member States, led by Germany, are systematically working to destroy the fabric of European privacy legislation. Under the current proposals, far from being provided with security fit for the digital age, Europe’s citizens right to data protection would be devoid of meaning.

“For the past three years, the EU’s privacy reform effort has been faced with an unprecedented level of lobbying from companies and foreign governments,” said Raegan MacDonald, European Policy Manager at Access. “It’s devastating to see that EU member states are now gutting the proposal, undermining our fundamental right to privacy when we need it most. They’re carving out so many loopholes there’ll soon be nothing left.”

Leaked proposals from the Council

According to the leaked proposals, crucial privacy protections have been drastically undermined, including the right to be asked for consent for the use of your data, the right to know how your data are used, the right to object to your data being used, and the minimum standards of behaviour required by companies that wish to exploit the data of individuals. In several places, the text would not likely pass judicial scrutiny under Europe’s human rights framework.


In 2012, the European Commission proposed regulations to modernise and reform European privacy legislation that were amended and accepted by the European Parliament in 2014. The update was urgently needed due to the challenges of new technology. From online profiling, to the digitisation of health data and online tracking — every corner of our lives is increasingly being invaded by “big data.” Corporations and governments know more about our own preferences, our motivations, our health, our relationships and our politics than even our closest friends or family.

What happens next?

The Council aims to complete its work on the Data Protection Regulation by the summer before negotiating with the Parliament on a compromise.

“The reform effort will be worthless if the final result falls beneath the standards we already have in the EU today,” continued MacDonald. “It’s critical for the Council to amend its position, or it will harm the rights to privacy and data protection in spirit and practice.”


Background & leaked documents

Comparison of European Parliament’s first reading text with Council proposal here

Council text on the One-stop-shop mechanism from 25.02.2015 here

Council text on the Right to be forgotten – Dispute settlement from 09.02.2015 here

Council text on Further processing, consent from 26.02.2015 here

Council text on Information and right to object from 26.02.2015 here

Access, EDRi, Panoptykon Foundation and Privacy International analysis of the Council proposals here