SCRIPTed: A Journal of Law, Technology & Society (Sep 2004)
Regulating Online Data Privacy
Abstract
With existing data protection laws proving inadequate in the fight to protect online data privacy and with the offline law of privacy in a state of change and uncertainty, the search for an alternative solution to the important problem of online data privacy should commence. With the inherent problem of jurisdiction that the Internet presents, such a solution is best coming from a multi-national body with the power to approximate laws in as many jurisdictions as possible, with a recognised authority and a functioning enforcement mechanism. The European Union is such a body and while existing data protection laws stem from the EU, they were neither tailored specifically for the Internet and the online world, nor do they fully harmonise the laws of the member states an essential element in Internet regulation. Current laws face further problems with the ease and frequency of data transfers outwith the EU. An Internet specific online data privacy regulation would fully approximate the laws of the twenty five member states and, if suitably drafted, could perhaps, drawing upon EC competition jurisprudence, achieve a degree of extraterritoriality, thus combating the problem posed by transfers outwith the EU. Any solution, however, is dependant upon our political leaders having the political will and courage to reach and agreement upon any new law.
