May 10, 1997

Article at New Scientist

View original

NEWS | Europe gets tough on data privacy

Wilson da Silva, Sydney 

THE Australian government’s decision to loosen its data protection laws could trigger a “data boycott” by the European Union. Experts predict that a flare-up between the EU and Australia could be followed by a clash between Europe and the US.

Australian Prime Minister John Howard last month abandoned an election promise to extend to businesses the privacy laws that now apply to government agencies. And the finance minister, John Fahey, now says that controls on the use of personal data held by the government will be relaxed so that some work done by civil servants can be contracted out to the private sector. Companies will sign guarantees restricting the use of data and ensuring privacy.

The problem is that the EU passed a privacy directive last year, which will come into force in July next year. It requires that member nations “take the measures necessary to prevent any transfer of data” to a third country that does not have “an adequate level of protection”.

“If the directive is invoked, we could find ourselves in a bit of trouble,” says John Taggart, a lecturer in computers and the law at the University of Technology in Sydney. “It cuts off the right for [EU countries] to trade information with Australia.”

This could affect transfers of electronic data, including credit card details, bank Personal Identification Numbers and health records. It could even prevent scientists from transferring data to Australian colleagues, if the information would allow people living in the EU to be identified.

The London-based group Privacy International, which raises awareness of surveillance by governments and corporations, has started lobbying European governments to restrict the trade of data with Australia until the Australian government tightens its legislation.

If the blockade of Australia goes ahead, the US could be the next target. Roger Clarke of the Australian National University in Canberra, an expert on privacy law, says that US data protection laws also fall short of the standards laid down in the European directive.