Tuesday

29th Sep 2020

Austria accused of undermining new EU data law

  • Some 24 EU states are still not ready for the general data protection regulation (GDPR), which is due to come in at the end of May (Photo: Pixabay)

Three years ago Austria's justice minister complained that the EU's forthcoming data protection rules were too weak. Today, the right-wing government in Vienna says they are too strong.

Austria's governing conservative OVP and far-right FPO parties passed a law last month that critics have said complicates enforcement of new EU-wide data protection rules set for an end of May launch.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

German Green MEP Jan Philipp Albrecht, who steered the new rules through the European Parliament, told EUobserver on Thursday (3 May) the changes reflect the conservative government under chancellor Sebastian Kurz.

"Before it was OVP and SPO, who were still very much in the mood of having strong data protection along with Austrian standards, which are very high... now, with the Kurz and the FPO, I think the policy has completely changed," he said.

Albrecht said the governing parties in Vienna are trying to turn the country into a sort of 'safe haven' - by complicating enforcement of the new EU data rules, known as the general data protection regulation (GDPR).

Those new EU rules will be enforced as of 25 May by the national data protection authorities and aim, among other things, to hand back the control of personal data to citizens.

Austria's data protection authority (DPA) is led by Andrea Jelinek - who is also slated to become the head of the upcoming European Data Protection Board.

The board will be key to imposing the new rules.

New law

But the new Austrian law demands Jelinek first issues warnings before launching sanctions against violating firms. Heise.de, which first reported the last minute amendments, said it means most infringements will go unpunished.

Imposing such a rule may be seen as government encroachment or as an effort to sow confusion given data authorities are supposed to be entirely independent. The move was also noticeably praised by Austrian trade associations.

"In the end it really doesn't make a big difference," admitted Albrecht, noting that the DPA will still be able to issue sanctions without warnings if there is a very severe infringement.

But he pointed out that the GDPR says sanctions are imposed by DPAs without any condition, and without a room for specification, or changes to member states' law.

Matthias Schmidl, deputy head of the Austrian Data Protection Authority, told EUobserver in an email that they will still decide on a case-by-case basis whether to impose administrative fines or not - even if it is the first violation.

He also said that "the wording of the said provision is very open and allows an interpretation" within the EU regulation.

Lack of preparation?

But such issues and others are also raising serious concerns on how prepared those meant to enforce the new data rules will actually be.

Earlier this year, EU commissioner for justice Vera Jourova warned that only Austria and Germany had so far passed the national laws needed to ensure data protection authorities are fully equipped to give GDPR teeth.

Sweden and Slovakia have since passed similar laws - while everyone else is lagging behind, according to the International Association of Privacy Professionals (IAPP).

It noted, in a blog post last week, that EU states need to spell out exemptions in national laws, regarding certain categories of data dealing with things such as ethnic origin or religious beliefs.

Among the biggest laggards, it also noted, are home countries to EU justice commissioner Jourova (Czech Republic) and digital commissioner Mariya Gabriel (Bulgaria).

This article was updated at 10:55 on Monday (7 May). The original article stated that Belgium had updated its national law to ensure its data protection authority is ready to enforce GDPR, when in fact it is Sweden.

26 EU states not ready for data law

The European Commission on Wednesday said only Austria and Germany have passed the relevant draft laws needed to ensure the launch of the EU's general data protection regulation on 25 May:

Eight countries to miss EU data protection deadline

The EU starts enforcing its general data protection regulation on 25 May - but Belgium, Bulgaria, Cyprus, Czech Republic, Greece, Hungary, Lithuania and Slovenia won't be ready. The delay will cause legal uncertainty.

Are EU data watchdogs staffed for GDPR?

The success of the new general data protection regulation (GDPR) will depend on whether data protection authorities enforce the new rules - which, in turn, will be at least partly determined by how many people they employ.

News in Brief

  1. Spanish court defenestrates Catalan leader
  2. Report: EU helped Taiwan on name dispute
  3. Belarusian writer goes to Germany for treatment
  4. Rapid Covid-19 tests for developing world imminent
  5. Dutch advised against 'non-essential' travel to Belgium
  6. Covid-19 hit Roma community hard, report finds
  7. Merkel visited Navalny in Berlin hospital
  8. EU's new raw materials strategy 'threatens' climate action

EUobserver under attack in wider battle for EU free press

If EU citizens want to know the truth, then journalists need protection from malicious litigation, as EUobserver joined the list of targets, over an article about the late Maltese journalist Daphne Caruana Galizia.

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic Council meets Belarusian opposition leader Svetlana Tichanovskaja
  2. Nordic Council of MinistersNordic Region to invest DKK 250 million in green digitalised business sector
  3. UNESDAReducing packaging waste – a huge opportunity for circularity
  4. Nordic Council of MinistersCOVID-19 halts the 72nd Session of the Nordic Council in Iceland
  5. Nordic Council of MinistersCivil society a key player in integration
  6. UNESDANext generation Europe should be green and circular

Latest News

  1. EU tries to avoid lockdowns as global death toll reaches 1m
  2. Reports: Turkey sent Syrian fighters to Azerbaijan
  3. German presidency tries to end EU's rule-of-law battle
  4. 'Sponsored returns' may shuffle failed asylum seekers around EU
  5. German wins election to be mayor of Romania's third city
  6. Minsk on the edge means whole Eastern Partnership is at risk
  7. Caucasus warfare prompts EU alarm
  8. Summit reloaded and last Brexit round This WEEK

Stakeholders' Highlights

  1. Nordic Council of MinistersNEW REPORT: Eight in ten people are concerned about climate change
  2. UNESDAHow reducing sugar and calories in soft drinks makes the healthier choice the easy choice
  3. Nordic Council of MinistersGreen energy to power Nordic start after Covid-19
  4. European Sustainable Energy WeekThis year’s EU Sustainable Energy Week (EUSEW) will be held digitally!
  5. Nordic Council of MinistersNordic states are fighting to protect gender equality during corona crisis
  6. UNESDACircularity works, let’s all give it a chance

Join EUobserver

Support quality EU news

Join us