ACTA: The Fact Controller speaks ...

On Saturday the online Official Journal of the European Union carried the Opinion of the European Data Protection Supervisor (EDPS) on the current negotiations by the European Union of an Anti-Counterfeiting Trade Agreement (ACTA), which you can read in full here. The EDPS isn't interested in intellectual property, counterfeiting or any of the other things that concern the IP community -- but he is highly concerned about anything to do with information. Issues such as transparency and the extent to which personal data can be stored, shared and used are very much on his mind.

The EDPS is charged with looking at all proposed EU law, and commitments which the EU considers making, with a view to commenting on the extent to which it complies with the clearly-stated objectives of European data protection. His review of ACTA was therefore inescapable, however much secrecy the proposed agreement enjoyed in its earlier days.

The EDPS's Opinion is 13 pages in length and concludes as follows:
"81. The EDPS strongly encourages the European Commission to establish a public and transparent dialogue on ACTA, possibly by means of a public consultation ['Possibly'? If the public hasn't been properly informed up to know, consultation may not be so fruitful], which would also help ensuring that the measures to be adopted are compliant with EU privacy and data protection law requirements.

82. In the course of the ongoing negotiations on ACTA, the EDPS calls on the European Commission to strike a right balance between demands for the protection of intellectual property rights and the right to privacy and data protection. The EDPS emphasises that it is particularly crucial that privacy and data protection are taken into account from the very beginning of the negotiations before any measure is agreed upon so as not later on having to find alternative privacy compliant solutions [this emphasises that compliance with privacy issues is non-negotiable, even if the terms of ACTA are].

83. While intellectual property is important to society and must be protected, it should not be placed above individuals’ fundamental rights to privacy, data protection, and other rights such as presumption of innocence, effective judicial protection and freedom of expression [What about the consumers' right to protection against fake medicines, brake-pads etc? That's not an IP issue for them, but it is a question of survival].

84. Insofar as the current draft of ACTA includes or at least indirectly pushes for three strikes Internet disconnection policies, ACTA would profoundly restrict the fundamental rights and freedoms of European citizens, most notably the protection of personal data and privacy [the right to receive information is presumably omitted since it falls outside the remit of the EDPS].

85. The EDPS takes the view that three strikes Internet disconnection policies are not necessary to achieve the purpose of enforcing intellectual property rights. The EDPS is convinced that alternative, less intrusive solutions exist or, at least, that the envisaged policies can be performed in a less intrusive manner or at a more limited scope, notably through the form of targeted ad hoc monitoring [The EDPS is not concerned with efficiency or cost of enforcement. How many tens of millions of people can be ad-hoc monitored before IP rights are unenforceable?].

86. The three strikes Internet disconnection policies are also problematic on a more detailed legal level in particular as the processing of judicial data, notably by private organisations, must be based on an appropriate legal basis. The operation of three strikes schemes may further entail the storage of log files on a longer term, which would be contrary to existing legislation [Isn't longer-term storage permitted where justifiable?].

87. Furthermore, as far as ACTA involves exchanges of personal data between authorities and/or private organisations located in the signatory countries, the EDPS calls on the European Union to implement appropriate safeguards. These safeguards should apply to all data transfers made in the context of ACTA — whether they are in the field of civil, criminal, or digital law enforcement — and should be in accordance with the data protection principles set forth in Convention No 108 and Directive 95/46/EC. The EDPS recommends that such safeguards take the form of binding agreements between EU senders and third country recipients.

88. The EDPS further wishes to be consulted on the measures to be implemented in respect of the data transfers that will take place under ACTA in order to verify their proportionality, and that they guarantee an adequate level of data protection. The EDPS further wishes to be consulted on the measures to be implemented in respect of the data transfers that will take place under ACTA in order to verify their proportionality, and that they guarantee an adequate level of data protection".
So now you know. The IPKat has done a quick search of 'ACTA' and 'EDPS' together as news terms, but this search has thrown up no 'hits'. How strange, observes Merpel, that when three controversial issues -- ACTA, three strikes and data protection -- all come together in one document, the world's main news resources are so coy.

The Fact Controller here
The Fat Controller here
The Cat Controller here
ACTA: The Fact Controller speaks ... ACTA: The Fact Controller speaks ... Reviewed by Jeremy on Monday, June 07, 2010 Rating: 5


  1. Grrr. Truly the privacy tsars are a law unto themselves, barely subject to democratic control. Every definition ("judicial data") must be interpreted to the maximum in favour of the data subject and against commerce. For most lawyers, privacy law fills in some gaps between substantive rights where individuals in a free society might need protection. For Mr Hustinx and his colleagues, the law of privacy is the continent and other rights - property, contract - are isolated areas which must be carefully monitored and justified. What possible business is it of the EDPS to pronounce upon what sovereign states may agree on a Graduated Response? Privacy commissioners should accept the substantive legal framework presented to them and not assume public postures on what are political issues. The intellectual bottom dropped out of Marxism in 1989, but privacy advocates (sometimes the same people as pre-1989, e.g., M. Cohn-Bendit) are carrying on the good work of controlling private property in the interests of the collective.

  2. Not all news sources are so coy. Isn't this th esame report?

  3. Well spotted, Anonymous -- and it also solves the problem why nothing on this item was thrown up as a news search: it was no longer news.

    This in turn raises the interesting question why it takes three and a half months for a document issued in February to find its way into the Official Journal ...


All comments must be moderated by a member of the IPKat team before they appear on the blog. Comments will not be allowed if the contravene the IPKat policy that readers' comments should not be obscene or defamatory; they should not consist of ad hominem attacks on members of the blog team or other comment-posters and they should make a constructive contribution to the discussion of the post on which they purport to comment.

It is also the IPKat policy that comments should not be made completely anonymously, and users should use a consistent name or pseudonym (which should not itself be defamatory or obscene, or that of another real person), either in the "identity" field, or at the beginning of the comment. Current practice is to, however, allow a limited number of comments that contravene this policy, provided that the comment has a high degree of relevance and the comment chain does not become too difficult to follow.

Learn more here:

Powered by Blogger.