|Nice people, but not IP folk ...|
|Secure -- but is it|
a sitting target ...?
|Security and choice: two|
major priorities in the EU
In the EU, having to deal with 28 separate national regulatory authorities is inconvenient, particularly where they employ different standards, and this militates against setting up a single pan-European e-payment system: the EU only needs one regulatory authority. Also, while data protection authorities are inconsistent, some have now begun employing people with technical expertise as well as legal knowledge -- a real improvement when engaging them in dialogue as to the security of a specific software system.
In the ensuing discussion session, attention was drawn to the dearth of authoritative case law in this area, to the intermediary platforms offered by Alibaba for such transactions, to the burden of compliance with data protection requirements and whether it represents a disproportionate burden on SMEs (answer "yes, especially since some data protection laws appear to be drafted on the basis that data is recorded physically on paper"). It was also suggested that it was unfair to to regulator-bashing, since regulators were sometimes blamed by SMEs for their failure to comply with regulatory standards.
The conclusions? Data protection regulation is a hindrance and an expensive one -- but a necessary one, particularly now that it has become apparent that some regulated businesses invest time and money in seeking to circumnavigate it. Also, it can be more difficult to sign up for an online magazine than to buy a car on the internet: are we getting our priorities right, and the balance between them?