Friday

29th Mar 2024

Austria accused of undermining new EU data law

  • Some 24 EU states are still not ready for the general data protection regulation (GDPR), which is due to come in at the end of May (Photo: Pixabay)

Three years ago Austria's justice minister complained that the EU's forthcoming data protection rules were too weak. Today, the right-wing government in Vienna says they are too strong.

Austria's governing conservative OVP and far-right FPO parties passed a law last month that critics have said complicates enforcement of new EU-wide data protection rules set for an end of May launch.

Read and decide

Join EUobserver today

Get the EU news that really matters

Instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

German Green MEP Jan Philipp Albrecht, who steered the new rules through the European Parliament, told EUobserver on Thursday (3 May) the changes reflect the conservative government under chancellor Sebastian Kurz.

"Before it was OVP and SPO, who were still very much in the mood of having strong data protection along with Austrian standards, which are very high... now, with the Kurz and the FPO, I think the policy has completely changed," he said.

Albrecht said the governing parties in Vienna are trying to turn the country into a sort of 'safe haven' - by complicating enforcement of the new EU data rules, known as the general data protection regulation (GDPR).

Those new EU rules will be enforced as of 25 May by the national data protection authorities and aim, among other things, to hand back the control of personal data to citizens.

Austria's data protection authority (DPA) is led by Andrea Jelinek - who is also slated to become the head of the upcoming European Data Protection Board.

The board will be key to imposing the new rules.

New law

But the new Austrian law demands Jelinek first issues warnings before launching sanctions against violating firms. Heise.de, which first reported the last minute amendments, said it means most infringements will go unpunished.

Imposing such a rule may be seen as government encroachment or as an effort to sow confusion given data authorities are supposed to be entirely independent. The move was also noticeably praised by Austrian trade associations.

"In the end it really doesn't make a big difference," admitted Albrecht, noting that the DPA will still be able to issue sanctions without warnings if there is a very severe infringement.

But he pointed out that the GDPR says sanctions are imposed by DPAs without any condition, and without a room for specification, or changes to member states' law.

Matthias Schmidl, deputy head of the Austrian Data Protection Authority, told EUobserver in an email that they will still decide on a case-by-case basis whether to impose administrative fines or not - even if it is the first violation.

He also said that "the wording of the said provision is very open and allows an interpretation" within the EU regulation.

Lack of preparation?

But such issues and others are also raising serious concerns on how prepared those meant to enforce the new data rules will actually be.

Earlier this year, EU commissioner for justice Vera Jourova warned that only Austria and Germany had so far passed the national laws needed to ensure data protection authorities are fully equipped to give GDPR teeth.

Sweden and Slovakia have since passed similar laws - while everyone else is lagging behind, according to the International Association of Privacy Professionals (IAPP).

It noted, in a blog post last week, that EU states need to spell out exemptions in national laws, regarding certain categories of data dealing with things such as ethnic origin or religious beliefs.

Among the biggest laggards, it also noted, are home countries to EU justice commissioner Jourova (Czech Republic) and digital commissioner Mariya Gabriel (Bulgaria).

This article was updated at 10:55 on Monday (7 May). The original article stated that Belgium had updated its national law to ensure its data protection authority is ready to enforce GDPR, when in fact it is Sweden.

26 EU states not ready for data law

The European Commission on Wednesday said only Austria and Germany have passed the relevant draft laws needed to ensure the launch of the EU's general data protection regulation on 25 May:

Eight countries to miss EU data protection deadline

The EU starts enforcing its general data protection regulation on 25 May - but Belgium, Bulgaria, Cyprus, Czech Republic, Greece, Hungary, Lithuania and Slovenia won't be ready. The delay will cause legal uncertainty.

Are EU data watchdogs staffed for GDPR?

The success of the new general data protection regulation (GDPR) will depend on whether data protection authorities enforce the new rules - which, in turn, will be at least partly determined by how many people they employ.

Opinion

Potential legal avenues to prosecute Navalny's killers

The UN could launch an independent international investigation into Navalny's killing, akin to investigation I conducted on Jamal Khashoggi's assassination, or on Navalny's Novichok poisoning, in my role as special rapporteur on extrajudicial executions, writes the secretary-general of Amnesty International.

Opinion

I'll be honest — Moldova's judicial system isn't fit for EU

To state a plain truth: at present, Moldova does not have a justice system worthy of a EU member state; it is riven with corruption and lax and inconsistent standards, despite previous attempts at reform, writes Moldova's former justice minister.

Latest News

  1. Kenyan traders react angrily to proposed EU clothes ban
  2. Lawyer suing Frontex takes aim at 'antagonistic' judges
  3. Orban's Fidesz faces low-polling jitters ahead of EU election
  4. German bank freezes account of Jewish peace group
  5. EU Modernisation Fund: an open door for fossil gas in Romania
  6. 'Swiftly dial back' interest rates, ECB told
  7. Moscow's terror attack, security and Gaza
  8. Why UK-EU defence and security deal may be difficult

Stakeholders' Highlights

  1. Nordic Council of MinistersJoin the Nordic Food Systems Takeover at COP28
  2. Nordic Council of MinistersHow women and men are affected differently by climate policy
  3. Nordic Council of MinistersArtist Jessie Kleemann at Nordic pavilion during UN climate summit COP28
  4. Nordic Council of MinistersCOP28: Gathering Nordic and global experts to put food and health on the agenda
  5. Friedrich Naumann FoundationPoems of Liberty – Call for Submission “Human Rights in Inhume War”: 250€ honorary fee for selected poems
  6. World BankWorld Bank report: How to create a future where the rewards of technology benefit all levels of society?

Stakeholders' Highlights

  1. Georgia Ministry of Foreign AffairsThis autumn Europalia arts festival is all about GEORGIA!
  2. UNOPSFostering health system resilience in fragile and conflict-affected countries
  3. European Citizen's InitiativeThe European Commission launches the ‘ImagineEU’ competition for secondary school students in the EU.
  4. Nordic Council of MinistersThe Nordic Region is stepping up its efforts to reduce food waste
  5. UNOPSUNOPS begins works under EU-funded project to repair schools in Ukraine
  6. Georgia Ministry of Foreign AffairsGeorgia effectively prevents sanctions evasion against Russia – confirm EU, UK, USA

Join EUobserver

EU news that matters

Join us