Today, the European Commission’s Vice President Viviane Reding introduced new and comprehensive legislation on data protection. This proposal is part of the review of the EU’s current data protection legislation, the data protection directive. This directive has been one of the leading approaches to protecting privacy in the world. It helped focus member state regulators on a technology neutral approach, structured around flexible principles which were articulated previously in the 1980 OECD privacy guidelines. Intel believes these principles are still valid and the technology neutral approach is still critical to foster innovation and economic growth. However, the directive also was not implemented uniformly and has created several overly bureaucratic structures (e.g. database registration and notification), which require modernization.
Intel welcomes strong legislation
Intel supports robust, harmonized and predictable privacy protections. From that perspective, we welcome the new proposals by the European Commission. We think this is an opportunity to streamline and harmonize the different rules and bring more predictability not only to organizations but more importantly to users who want to trust the information society and the devices and services that drive it.
International data transfers are a key component of the global information society. Intel believes simplifying processes for global data transfer is critical and in particular welcomes the acknowledgement of the growing importance of Binding Corporate Rules (BCR). On Friday 20th January, Intel announced the Irish Data Protection Commissioner’s approval of Intel’s BCRs (known as the Intel Corporate Privacy Rules), and we are looking forward to sharing our positive experiences during this legislative process. For Intel, these BCRs apply to our operations globally, as today’s economy requires data to flow worldwide. European regulators need to continue to focus on how their regulation can be compatible with approaches in other geographies.
Intel supports a legal framework which focuses on outcomes rather than prescriptive rules. The foundation of such a framework should be organizations demonstrating that they manage personal data responsibly. BCRs are one mechanism for demonstrating such responsibility, but regulators should continue to explore other alternatives that can scale to small and medium businesses without creating administrative burdens which could chill innovation and economic growth.
This proposal will now be discussed within the European Parliament and the different EU Member States. These discussions will be lengthy and challenging. However, the fact that these discussions will occur in Europe and globally is an opportunity to bring all stakeholders together and ensure a joint path forward that will stand the test of time.
Finally, Intel would like to commend Vice President Reding and her team within the European Commission’s DG Justice for their efforts over the past years to involve all stakeholders in this crucial debate. Having such a comprehensive proposal on the table is a huge effort and although there is still room for improvement on several aspects, Intel is looking forward to working with all stakeholders to create a policy environment that promotes trust in the use of technology