Monday

6th Apr 2020

Austria accused of undermining new EU data law

  • Some 24 EU states are still not ready for the general data protection regulation (GDPR), which is due to come in at the end of May (Photo: Pixabay)

Three years ago Austria's justice minister complained that the EU's forthcoming data protection rules were too weak. Today, the right-wing government in Vienna says they are too strong.

Austria's governing conservative OVP and far-right FPO parties passed a law last month that critics have said complicates enforcement of new EU-wide data protection rules set for an end of May launch.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

German Green MEP Jan Philipp Albrecht, who steered the new rules through the European Parliament, told EUobserver on Thursday (3 May) the changes reflect the conservative government under chancellor Sebastian Kurz.

"Before it was OVP and SPO, who were still very much in the mood of having strong data protection along with Austrian standards, which are very high... now, with the Kurz and the FPO, I think the policy has completely changed," he said.

Albrecht said the governing parties in Vienna are trying to turn the country into a sort of 'safe haven' - by complicating enforcement of the new EU data rules, known as the general data protection regulation (GDPR).

Those new EU rules will be enforced as of 25 May by the national data protection authorities and aim, among other things, to hand back the control of personal data to citizens.

Austria's data protection authority (DPA) is led by Andrea Jelinek - who is also slated to become the head of the upcoming European Data Protection Board.

The board will be key to imposing the new rules.

New law

But the new Austrian law demands Jelinek first issues warnings before launching sanctions against violating firms. Heise.de, which first reported the last minute amendments, said it means most infringements will go unpunished.

Imposing such a rule may be seen as government encroachment or as an effort to sow confusion given data authorities are supposed to be entirely independent. The move was also noticeably praised by Austrian trade associations.

"In the end it really doesn't make a big difference," admitted Albrecht, noting that the DPA will still be able to issue sanctions without warnings if there is a very severe infringement.

But he pointed out that the GDPR says sanctions are imposed by DPAs without any condition, and without a room for specification, or changes to member states' law.

Matthias Schmidl, deputy head of the Austrian Data Protection Authority, told EUobserver in an email that they will still decide on a case-by-case basis whether to impose administrative fines or not - even if it is the first violation.

He also said that "the wording of the said provision is very open and allows an interpretation" within the EU regulation.

Lack of preparation?

But such issues and others are also raising serious concerns on how prepared those meant to enforce the new data rules will actually be.

Earlier this year, EU commissioner for justice Vera Jourova warned that only Austria and Germany had so far passed the national laws needed to ensure data protection authorities are fully equipped to give GDPR teeth.

Sweden and Slovakia have since passed similar laws - while everyone else is lagging behind, according to the International Association of Privacy Professionals (IAPP).

It noted, in a blog post last week, that EU states need to spell out exemptions in national laws, regarding certain categories of data dealing with things such as ethnic origin or religious beliefs.

Among the biggest laggards, it also noted, are home countries to EU justice commissioner Jourova (Czech Republic) and digital commissioner Mariya Gabriel (Bulgaria).

This article was updated at 10:55 on Monday (7 May). The original article stated that Belgium had updated its national law to ensure its data protection authority is ready to enforce GDPR, when in fact it is Sweden.

26 EU states not ready for data law

The European Commission on Wednesday said only Austria and Germany have passed the relevant draft laws needed to ensure the launch of the EU's general data protection regulation on 25 May:

Eight countries to miss EU data protection deadline

The EU starts enforcing its general data protection regulation on 25 May - but Belgium, Bulgaria, Cyprus, Czech Republic, Greece, Hungary, Lithuania and Slovenia won't be ready. The delay will cause legal uncertainty.

Are EU data watchdogs staffed for GDPR?

The success of the new general data protection regulation (GDPR) will depend on whether data protection authorities enforce the new rules - which, in turn, will be at least partly determined by how many people they employ.

News in Brief

  1. Three arrested in deadly French 'terror' attack
  2. Greece quarantines two migrant camps
  3. UK premier Boris Johnson hospitalised with coronavirus
  4. Former Libyan rebel leader Jibril dies of corona
  5. EU waives customs duties, VAT on vital medical imports
  6. Air France-KLM seeks state-backed loans
  7. New ventilators for EU will take time, commission says
  8. Drugs firms managing to meet demand, EU says

Polish 'LGBTI-free zones' not ok, says EU commission

The European Commissioner for equality Helena Dalli has said the distribution of 'LGBTI-free zones' stickers or the adoption of anti-LGBTI resolutions cannot be allowed. Some 86 towns in Poland have so far declared themselves 'LGBTI-free zones'.

Stakeholders' Highlights

  1. UNESDAMaking Europe’s Economy Circular – the time is now
  2. Nordic Council of MinistersScottish parliament seeks closer collaboration with the Nordic Council
  3. UNESDAFrom Linear to Circular – check out UNESDA's new blog
  4. Nordic Council of Ministers40 years of experience have proven its point: Sustainable financing actually works
  5. Nordic Council of MinistersNordic and Baltic ministers paving the way for 5G in the region
  6. Nordic Council of MinistersEarmarked paternity leave – an effective way to change norms

Latest News

  1. Coronabonds clash continues This WEEK
  2. EU depicts Africa's health system as a threat
  3. Greenland watches ... and waits for virus
  4. Coronavirus exposes lack of common data approach
  5. Virus recovery talks should ditch old taboos: EU's Vestager
  6. EU's 'Irini' Libya mission: Europe's Operation Cassandra
  7. Slovak army deployed to quarantine Roma settlements
  8. Lockdown: EU officials lobbied via WhatsApp and Skype

Join EUobserver

Support quality EU news

Join us