European Commission Adopts Privacy Directive Brussels, Aug. 11, -- The European Commission is now well on its way towards affording a high level of protection to personal data held on computer systems, following the formal adoption of a Directive on the protection of personal data, Newsbytes has learned. "I am pleased that this important measure, which will ensure a high level of protection for the privacy of individuals in all Member States, has been adopted with a very wide measure of agreement within the Council and European Parliament," said EC Single Market Commissioner Mario Monti, announcing the measure. According to Monti, the Directive will also help to ensure the free flow of information society services in the "Single Market" by "fostering consumer confidence and minimizing differences between member states' rules." "Moreover, the text agreed includes special provisions for journalists, which reconcile the right to privacy with freedom of expression," he said, adding that the member states must transpose the Directive within three years (i.e., write it into their own legislation), "but I sincerely hope that they will take the necessary measures without waiting for the deadline to expire so as to encourage the investment required for the information society to become a reality." Monti claims that the Directive will establish a "clear and stable" regulatory framework necessary to guarantee free movement of personal data, while leaving individual EU countries room for maneuver in the way the Directive is implemented. According to the Directive, free movement of data is particularly important for all services with a large customer base and depending on processing personal data, such as distance selling and financial services. In practice, however, banks and insurance companies process large quantities of personal data on such highly sensitive issues as credit ratings and credit-worthiness. If each member state had its own set of rules on data protection, for example, on how data subjects could verify the information held on them, cross-border provision of services, notably over the information superhighways, would be virtually impossible and this extremely valuable new market opportunity would be lost, the EC claims. According to the EC, the Directive aims to narrow divergences between national data protection laws to the extent necessary to remove obstacles to the free movement of personal data within the EU. As a result, any person whose data is processed in the EC will be afforded an equivalent level of protection of his rights, in particular his right to privacy, irrespective of the member state where the processing is carried out. The EC claims that, until now, differences between national data protection laws have resulted in obstacles to transfers of personal data between EC member states, even when these countries have ratified the 1981 Council of Europe Convention on personal data protection. This has been a particular problem, the EC notes, for multinational companies wishing to transfer data concerning their employees between their operations in different member states. According to the Commission, such obstacles to data transfers could seriously impede the future growth of information society services. The Directive establishes the principle of "fairness," so that a collection of data should be as transparent as possible, giving individuals the option of whether they provide the information or not. The Directive requires all data processing to have a proper legal basis. The legal grounds defined in the Directive are: consent, contract, legal obligation, vital interest of the data subject, and the balance between the legitimate interests of the people controlling the data and the people on whom data is held (i.e., data subjects). This balance gives member states room for maneuver in their implementation and application of the Directive, the Commission claims. Press & Reader Contact: European Commission, +32-299-1111 --