Academic journal article Houston Journal of International Law

The Perfect Storm: The Safe Harbor and the Directive on Data Protection

Academic journal article Houston Journal of International Law

The Perfect Storm: The Safe Harbor and the Directive on Data Protection

Article excerpt

I. INTRODUCTION

With the stunning recent growth of international electronic commerce, issues of personal privacy have become far more visible. Consumers express increasing concern with the ability to control their private information, and many nations are responding by considering or passing regulations. (1) Such regulations are classified as data protection laws. (2)

The concept of data protection in U.S. law falls within the loose conglomeration of rights that comprise privacy law. The terms are often muddied, and require a clearer definition. As Professor Joel Reidenberg has suggested, "The terminology for standards of fair information practice has been poorly defined in the United States" (3) He continues:

 
   The term "privacy" is often used to describe the allocation of rights to 
   personal information. This rhetoric is confusing. "Privacy" serves as a 
   catch-all term, protecting a variety of interests ranging from government 
   intrusion into the bedroom to the inviolability of telephone 
   communications. Although fair information practices may be subsumed under 
   the broad "privacy" label, the standards represent a narrower and distinct 
   interest: maintaining the integrity of personal information and fairness to 
   the individuals about whom the data relates. Specifically, such standards 
   apply to the collection, storage, use, and disclosure of personal 
   information. (4) 

U.S. privacy laws generally deal with concepts of "invasion." (5) They stem from what Warren and Brandeis immortalized as "the right to be let alone" in their landmark Harvard Law Review article first arguing for the creation of an individual right to privacy. (6) Privacy laws also deal with the specific disclosure of "private" facts; behind this apparent tautology is the concept that freely available information should be unprotected. (7) Privacy laws function more to define what is not protected than what is.

Both of these legal foundations will have difficulty weathering new technologies and attitudes about personal data privacy. The invasion concept, while flexible to a point, may fail to encompass broad issues of the passivity of modern data collection. (8) Further, the collection of such information, even if seen as publicly available and not worthy of protection, is significantly impacted by the new ability to store and analyze enormous amounts of such information. New technologies allow the creation of massive databases of so-called public information, which while unprotected by U.S. law, may reveal singly private patterns. (9)

These technologies also impact the psychological foundations of privacy laws. The new passivity of collection and the ease with which such data is used and transferred has begun to create growing concerns among American consumers about electronic privacy. (10)

The foundry for much change in data protection legislation has been the European Union. European data protection standards have gradually evolved to address the issues above, granting broad rights to data subjects in an effort to address the passivity issue, and broad control rights to deal with the potential for escalating secondary uses. (11)

Two documents in the 1980s, the Organisation for Economic Cooperation and Development's (OECD's) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, (12) and the Council of Europe's Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, (13) were the first European attempts to consolidate and harmonize national data protection legislation.

The range of these documents was extended by an E.U. directive, Directive 95/46/EC of the European Parliament and the Council of 24 October 1995 on the Protection of Individuals with Regard to the Processing of Personal Data and the Free Movement of Such Data. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.