Tuesday

26th Jan 2021

Interview

2013: Snowden was 'wake-up call' for GDPR

In the summer of 2013, American whistleblower Edward Snowden leaked highly-classified information from the National Security Agency, revealing that US intelligence services were collecting worldwide user-data from companies like Microsoft, Google, Apple, Yahoo, Facebook and YouTube.

At that time, the then EU commissioner for justice, Viviane Reding, was still trying to find majorities in the European Parliament and the European Council to update the 1995 Data Protection Directive, and replace it with the General Data Protection Regulation (GDPR) - which initially received a lot of criticism from MEPs and member states.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

  • 'The ethical problem comes when people starts handling their personal data without knowing the consequences of what they are doing,' said former justice commissioner Viviane Reding (Photo: eu2013.lt)

The contentious negotiations, very much influenced by intense lobbying from the US, radically changed after Snowden's mass-surveillance revelations.

"The Snowden scandal was a wake-up call, people suddenly understood that something very weird was going on and, all of the sudden, this triggered the question of individual digital rights," Reding told EUobserver.

"Citizens became upset against their governments, member states were aware that they could not block anymore [EU-wide] rules for the protection of digital rights, and European parliamentarians realised that their responsibility was to protect EU citizens' rights," she noted.

"I got a huge majority, almost unanimity, in the council and the parliament thanks to the Snowden revelations, so actually this scandal brought about the GDPR," she pointed out.

The GDPR's primary aim was to harmonise legislation within the bloc, and give back control to individuals over their data - but, so far, it has proven insufficient to change the behaviour of tech giants.

Now two years after its implementation, Reding argues that policymakers should concentrate enforcement efforts on "the systematic stealing of personal data for commercial or political purposes", since big tech companies "continue to steal" the data of individuals, without people's awareness.

"It is not enough to have a law, people need to be aware of what is happening," she said, adding that one of the most deeply-rooted problems of the current online ecosystem is related to this lack of consent.

"The consent [forms] are so complicated that nobody understands them. The law says very clearly that it needs to be explicit consent but, unfortunately, as it stands today, it is a 'tick-the-box' consent," she added.

This meaningless style of 'consent' has entitled big tech companies to gather trillions of data points about their users, for the core purpose of profit-making.

"The ethical problem comes when people start handling their personal data without knowing the consequences of what they are doing," warned Reding.

"But the misuse of personal data in order to influence the individual, against its own will and without that individual exactly knowing what is happening, is the real problem," she added.

The 2018 Cambridge Analytica scandal, in which Facebook users' data was collected without their consent for political advertising, once again set alarm bells ringing about the misuse of such mass-surveillance.

Both the Snowden and Cambridge Analytica scandals also undoubtedly raised awareness, helping citizens to understand the concept behind the 'Data is the New Oil' mantra.

But research shows that many European citizens still do not understand how online companies use their data.

That is why former commissioner Reding hopes for yet another wake-up call "that can help citizens at large understand that their data is something very personal and something that needs to be protected".

This article first appeared in EUobserver's latest magazine, 20 years of European journalism & history, which you can now read in full online.
EU's landmark GDPR failing to live up to full potential

The commission's two-year review also indicates that the authorities based in Ireland and Luxembourg - European headquarters to Google, Facebook, Twitter and Amazon - need a substantial boost in resources.

Will US privacy-lite hollow out GDPR?

Some say GDPR is the most developed data protection law in the world, but the US has opted for a very different approach - a "voluntary tool" based on privacy risk management.

EU warns Romania not to abuse GDPR against press

Romania's data protection authority has threatened a €20m fine against reporters investigating high-level corruption. The European Commission has since issued a warning, telling Romanian authorities to give press exemptions when it comes to privacy rights.

New GDPR enforcer says complaints imminent

The European Data Protection Board is a new EU body tasked with enforcing the EU's privacy laws with powers to impose massive fines. Its head Andrea Jelinek told reporters complaints against companies are expected to be immediate.

Interview

2018: Juncker: Far-right 'never had a chance' against the EU

The far-right rose in power over the span of 2017 and 2018. But for former EU Commission president Jean-Claude Juncker, they never posed a real threat. "They are not right because their basic societal analysis is wrong," he said.

Interview

2020: EU solidarity tested in face of Covid-19 pandemic

When decisive, coordinated action from EU institutions and member states was most needed to respond to the first coronavirus outbreaks, the bloc struggled to find a common and timely response. What lessons have been learned?

News in Brief

  1. AstraZeneca told to meet EU vaccine supply commitments
  2. Estonia to get first woman prime minister
  3. Turkey and Greece to hold Mediterranean security talks
  4. Dutch police detain 240 in anti-lockdown protests
  5. Renewables overtake fossil fuels in EU electricity mix
  6. France's top scientist warns of corona 'emergency'
  7. Growing appetite for Northern Ireland independence
  8. Surge in support for Portuguese far-right party

20 years of EUobserver

Our special anniversary magazine gives an overview of the major events of these past 20 years - and, for every event, we talked to one of the key players. It makes this magazine a document of recent EU history.

Stakeholders' Highlights

  1. UNESDAEU Code of Conduct can showcase PPPs delivering healthier more sustainable society
  2. CESIKlaus Heeger and Romain Wolff re-elected Secretary General and President of independent trade unions in Europe (CESI)
  3. Nordic Council of MinistersWomen benefit in the digitalised labour market
  4. Nordic Council of MinistersReport: The prevalence of men who use internet forums characterised by misogyny
  5. Nordic Council of MinistersJoin the Nordic climate debate on 17 November!
  6. UNESDAMaking healthier diets the easy choice

Latest News

  1. Navalny protests sharpen EU sanctions talks
  2. Why Russia politics threaten European security
  3. MEPs call for workers to have 'right to disconnect'
  4. Reality bites EU's 'No More Morias' pledge
  5. Ten years on from Tahrir: EU's massive missed opportunity
  6. Vaccine delay and Russia sanctions debates This WEEK
  7. Will EU ever take action to stop Israeli settlements?
  8. EU leaders keep open borders, despite new corona variant risk

Join EUobserver

Support quality EU news

Join us