by Eva Kaili, Member of the European Parliament
“The processing of personal data should be designed to serve mankind.” If that sounds like flowery, idealistic language, then the following might get your attention: That sentence introduces new legislation imposing fines on companies of up to 4% of their annual global turnover or €20 million (whichever is greater) if they fail to protect our personal data.
The reason why the European Union is leading the world in protecting its residents’ personal data in the digital age is because personal data protection is a human right according to Article 8 of the EU’s Charter of Fundamental Rights. For those who don’t know their Charter, this right is enshrined between “The right to life” (Article 2) and “Freedom of expression” (Article 11) — it is that fundamental.
As technology disrupts the existing order, we as law makers are being challenged to ensure that we strike the right balance. As we move from the old order to the new, we want innovation to flourish, while simultaneously protecting citizens’ rights. As a general principle, I apply the following test for new legislation in the technology space: Does it reduce transaction costs for ordinary people, while simultaneously enhancing their security?
One of the examples worth a closer look is distributed ledger technology, which is gaining in significance as an increasing number of entities discover ways of optimising their operations by utilising blockchain-based solutions. As the draftsperson of first text of the European Parliament focusing on distributed ledger technology, I have participated in several hearings on the potential benefits of blockchain as a revolutionary force within the public sector.
The status quo, which changes on 25 May 2018, when the general Data Protection regulations enter into force, has proved to be dissatisfactory for many, because big corporations have long profited from collecting and selling vast amounts of information related to their customers, without being accountable for what happens to data. Now the direction of travel is clear: power is slipping away from the centralised institutions and databases of the old order, towards greater decentralisation, giving in that way the control of the data back to the citizen. This brings great potential benefits, but also new challenges. For example, EU residents have the right to request that their personal data be erased from companies’ servers. How will we deal with this question when blockchains are not governed by centralized organisations? How will we help citizens remove their personal data from blockchains? And when more and more services go online, how will we ensure that we don’t exclude citizens who are not comfortable with the new technology? As law makers, the people we represent expect solutions.
One thing is clear, though: In the digital age, personal data is the new gold. We are very fortunate, therefore, to live in a society where the protection of personal data is also very highly valued. I am committed to ensuring that the gold is returned to its rightful owners — the citizens. In this endeavour, I support innovations that give citizens more power over their personal data, at lower transaction costs, and with greater security.