Progress Software attacks EU data protection reforms
SaaS provider hits out at proposals, and incurs the wrath of privacy campaign group for its trouble.
Software-as-a-Service provider Progress Software has rubbished the European Union’s proposed European Data Protection Regulation in an open letter.
The EU put forward proposals to overhaul existing data protection laws, which have been in place for nearly 20 years, in January.
The new regulations will, the supranational body claimed, strengthen online privacy rights and boost Europe’s digital economy.
“Technological progress and globalisation have profoundly changed the way our data is collected, accessed and used. In addition, the 27 EU Member States have implemented the 1995 rules differently, resulting in divergences in enforcement," said an EU statement.
"A single law will do away with the current fragmentation and costly administrative burdens, leading to savings for businesses of around €2.3 billion a year."
In an open letter to the EU, Progress Software's technical marketing manager, Gary Calcott, welcomed efforts to protect the data of European citizens, but claimed the plans would be beset by problems.
He also added that, in the digital age, the collection and storage of personal information is essential, but technology moves too fast for it to be effectively regulated.
Doing nothing is not an option.
“There are no borders online and cloud computing means data may be sent from Berlin to be processed in Boston and stored in Bangalore," wrote Calcott.
"EU data protection rules aim to provide the right to data protection, as well as the free flow of data. But trying to enforce this by setting rules and penalties around data loss is very much closing the stable door after the horse has bolted,” he added.
However, Nick Pickles, director of privacy and civil liberties campaign group Big Brother Watch, took issue with Calcott's viewpoint.
“Technology is fast paced, but to see that as a reason not to regulate businesses at all is ridiculous," Pickles told IT Pro.
"Data protection law isn’t just about when data is lost, but to stop it being collected without proper consent and to ensure it isn’t shared freely with numerous third parties."
Pickles said the case highlights the growing issue of how to deal with overseas firms that fail to adhere to UK or European data protection laws.
“Alternative means of enforcement may be required," he suggested.
"Whether that’s pursuing revenues generated or using existing off-line legal provisions, the challenge is to find a way of protecting consumers without crippling innovation. Doing nothing is not an option,” he added.