14 February 2011
The recent case of Denmark's TNS Gallup shutting its WebProfil service in response to consumer complaints demonstrated that researchers will need to pay closer attention to consumer sensitivities and legislative developments intended to regulate profiling in 2011.
The Council of Europe in Strasbourg has renewed its efforts to update its legally binding rules on data protection in 2011, putting it in line with similar reviews underway by the European Commission, the US Federal Trade Commission as well as work proposed by OECD and APEC.
In 2010, ESOMAR contacted the Council of Europe regarding its proposal to develop a recommendation for the protection of individuals with regard to automatic processing of personal data in the context of profiling. At that time, the Council offered assurances that market, social and opinion research would not be affected, as the sector came under other requirements designed for statistical research.
However, the Council has now turned its attention to reviewing the entire Convention 108 on automatic processing of personal data. This legally binding convention has been in existence since 1981 and is source from which the profiling recommendation draws its principles.
In light of this development, ESOMAR will re-review, in more detail, how market, social and opinion research can maintain the protections already afforded to it. The briefing for the Council of Europe's new consultation on Convention 108 suggests that there will be a significant alignment between its rules and EU rules already under review. Thus, similar messages from the market research sector should be targeted at both entities. The consultation will be open until mid-March and ESOMAR will respond together with EFAMRO, continuing our previous cooperation on responses to the EU.
EUROPEAN DATA PROTECTION DAY UPDATE
Following along this, decision makers from both the EU and Council of Europe appeared side-by-side at a joint conference in Brussels in January on what in what has now been dubbed European Data Protection Day.
The message from the European Commission was that it was committed to make a proposal to update rules before Summer 2011. Member States would likely be expected to implement agreed rules by 2014.
The Commission also committed to solving difficulties relating to the lack of harmonization. Businesses, however, should not expect a massive simplification exercise which could compromise the standards of data protection. Possible solutions were raised in the non-binding yet influential recent opinion from the Article 29 Working Group, which covered how a country's law applies to different business data processing scenarios. The Article 29 Working Party, is a group of the EU's national data protection commissioners which advise the European Commission.