For companies doing business in the European Union, the EU’s strong customer data privacy protections, enacted in its 1995 Data Protection Directive and other laws, have long presented challenges. Numerous major U.S. organizations have faced fines and other actions for noncompliance despite a safe harbor provision. Now other countries appear to be moving toward the EU’s more protective model.
“When you think about it, the U.S. appears to be more and more alone in this area,” says Justin Brookman, director of the Center for Democracy and Technology.
That can make doing business globally even more difficult for U.S. firms. Some experts also say a perceived lack of U.S. privacy protections may hold additional risks for U.S. businesses. The United States could be especially at risk of losing competiveness in areas such as the Internet, cloud computing, and other technological developments, for example.
“A ‘we don’t care about privacy’ attitude from the United States creates major risks for U.S. jobs, exports, and businesses,” said Peter Swire, a professor of law at Ohio State University, at a recent House Energy and Commerce Committee hearing. “The lack of U.S. privacy rules can become a powerful excuse for protectionism, risking U.S. jobs and the sales of U.S.-based businesses,” he noted.
But major pro-consumer revisions to existing U.S. data protection and privacy laws are highly unlikely in the current political and business environment. Far more likely to be successful is some type of new collaborative approach to working with trading partners that combines industry support and reasonable enforcement mechanisms.
That type of collaborative —rather than coercive—approach is included in the proposals in a working draft paper (called the green paper). Originally put out for discussion in December 2010 by the U.S. Commerce Department, the paper proposed new types of structures for working with EU member states and other nations to smooth over trade-related frictions, possibly creating new government-industry groups backed by stronger regulatory enforcement. The proposals were among the issues discussed at the recent congressional hearing.