In response to her letter to the Financial Times, ORG and Privacy International have written to Liberal Democrat MEP Baroness Sarah Ludford urging her to support stronger privacy rights in the upcoming and crucial LIBE Committee vote.
We have joined up with Privacy International to send a joint letter to Baroness Sarah Ludford about the Data Protection Regulation, urging her to support a strong law that gives people meaningful control over their personal information. You can read our letter below.
This is a response to a letter Baroness Ludford wrote to the Financial Times on March 10th. In it she suggests that aspects of the Regulation are 'inflexible, bureaucratic or not user-friendly', suggesting that she is sympathetic to the voices of industry and would like to see important bits of the proposed law weakened. As we explain in the letter, we believe this would severely undermine people's privacy and take control over data away from individuals.
This is important because Baroness Ludford sits on the crucial LIBE Committee, which is the lead committee for the Data Protection Regulation in the European Parliament. LIBE will vote on an opinion soon, and this will be a crucial factor in what sort of Regulation we end up with. So Baroness Ludford's position is extremely important.
Baroness Ludford is a Liberal Democrat MEP for London. If you live in London, please write to her now and ask her to vote for a Regulation that gives people meaningful control over their information, and which makes sure those who collect and use it play by the rules.
You can contact Baroness Ludford using our easy email tool. For more background on the key issues, see our short briefing. We have also analysed why some of the amendments proposed by organisations such as Amazon would be bad news for our privacy rights. For more information on the process, see EDRi's excellent guide to the Regulation. If you would like more information please contact me at firstname.lastname@example.org
Dear Baroness Ludford,
We are writing to you regarding the draft Data Protection Regulation and in particular your response to the article in the Financial Times (‘Privacy need not be compromised', March 10th).
We represent two leading London-based organisations – Privacy International and the Open Rights Group – that promote the privacy interests of citizens in the UK and internationally. We have been deeply involved in the proposed change of legislation right from its consultation stages back in 2009, and are pleased to see a proposal that could help give people more control over how their information is used, as well as ensure that those collecting and using it play by the rules.
Yet in your letter in the Financial Times, consumers and citizens, the so-called ‘data subjects’ do not merit a mention; instead you quote only the opinions of those that make use their data.
We believe most of the concerns of the constituencies you cite in the letter can be addressed without broad amendments that undermine the principle of giving people more meaningful control over their data.
More fundamentally, however, there is a large body of evidence that demonstrates why stronger privacy rights for people across the EU are needed. This evidence shows that current laws are left behind by unprecedented developments in data mining technologies, and that the attitudes and lack of trust of consumers and citizens can act as a real barrier to innovation and further development of online business.
For example: a Eurobarometer survey found that 70% of Europeans are concerned about companies using information for a purpose different to the one it was collected for. The UK was highest at 80%. An Ovum study found that only 14 percent of respondents believe that Internet companies are honest about their use of consumers’ personal data.That is having a stunting effect on Internet markets. A study for the EU Executive Agency for Health and Consumers in 2011 found that 29% of people say concerns about the misuse of personal data or payment details is a key factor in them not shopping online.
This is a regulatory regime not fit for the digital age.
This is why we are dismayed at efforts in the European Parliament Committees to weaken the Regulation by narrowing the scope, weakening the definition of consent, undermining the rights to erasure and 'portability' and creating broad 'legitimate interest' carve outs. Some of the committees have weakened the rights to the extent that we are convinced their redrafted Regulation would not stand the test of Article 8 of the EU Charter of Fundamental Rights.
Personal data is increasingly used as the basis for decisions by institutions and organisations that affect people in myriad ways - our profiles affect everything from the marketing offers we receive through to the credit ratings and insurance decisions we are subject to. Putting people in control of their data is to give them a meaningful stake in those decisions. It should be an integral part of a liberal democratic digital economy.
We urge you to put the interests of citizens at the heart of your thinking in the upcoming LIBE Committee vote. We have asked for meetings with you in person, and would request so again either during our forthcoming visit to Brussels in the week of the 8th of April, or here in London at your convenience.
Anna Fielder, Privacy International, email@example.com
Peter Bradwell, Open Rights Group, firstname.lastname@example.org
 Our detailed positions and blogs on the EU data protection legislative package are available on www.privacyinternational.org and www.openrightsgroup.org
 See also this privacy manifesto published in January 2013 by Europe’s most prominent civil society organisations and leading academics: http://brusselsdeclaration.net/