Data Protection Relinquishment Denied by EC
The European Union (EU) is pushing forward with its data protection reforms, aiming to extend the application of EU law to service providers based outside the EU and data stored in the cloud anywhere in the world. However, these reforms are facing opposition and concerns from US Internet giants and certain member states.
Opposition from US Internet Giants
Major US tech companies, such as Meta, have faced significant fines for violations of the General Data Protection Regulation (GDPR), including a €1.2 billion penalty related to EU-US data transfers. These companies argue that EU data protection rules, especially after rulings like Schrems II, impose burdensome restrictions affecting their business models.
The US government and lawmakers have also voiced criticism of related EU regulations, such as the Digital Services Act (DSA), arguing that they impose excessive content regulation and could indirectly impact US freedom of speech protections. This indicates broader US opposition to expansive EU digital regulations, including data protection reforms.
Opposition from EU Member States
The UK, having left the EU, is actively reforming its data protection regime to diverge slightly from the EU GDPR, aiming for more practicable enforcement and guidance by late 2025/early 2026. This may reflect a softening stance compared to the EU's stricter framework.
Some EU member states and their data protection authorities, like France's CNIL, are adapting to new regulations such as the 2024 regulation on political advertising, which supplements the GDPR but also intensifies transparency and data protection. This shows continued strict enforcement but with evolving interpretations.
Context and Impact
The EU’s reforms reinforce strong rights for individuals regarding data access, objection, and protection, influencing global privacy laws — a phenomenon known as the "Brussels effect." However, the US lacks a national privacy law, fueling ongoing conflict over adequacy decisions that permit data flow between the EU and US.
Opposition aims mostly at regulatory burdens and scope, with US firms and some stakeholders seeking softer rules or enhanced data transfer mechanisms that balance privacy with business functionality.
Justice commissioner Viviane Reding stated today that those who want to maintain a high level of protection in Europe have recognized the need to move fast. Mina Andreeva, EC spokesperson for justice, fundamental rights, and citizenship, stated that the EU Justice Council will discuss the data protection regulation on Friday. Last week, Viviane Reding and German consumer protection Isle Aigner issued a joint statement in support of the proposed data protection reforms.
- The US Internet giants, such as Meta, are expressing concerns with the EU's policy-and-legislation, specifically the proposed data protection reforms, arguing that the burdensome restrictions imposed could negatively impact their business models, especially after rulings like Schrems II.
- Certain EU member states, like France's CNIL, are adapting to new regulations such as the 2024 regulation on political advertising, which supplements the GDPR but also intensifies transparency and data protection, indicating a continued strict enforcement but with evolving interpretations within the context of politics and general-news.
