(Bloomberg) Facebook Inc. (FB), Google Inc. (GOOG), Microsoft Corp. (MSFT) may face stricter data-protection rules requiring them to allow users to shift data to rivals in the European Union under proposed changes to a draft law.
People need more control over how personal data is used, according to a report today advising amendments to the rules proposed by the European Commission. Social networks should let users move information "from one platform to another" and get precisely what sort of details companies have on them at any time, free of charge, said Jan Philipp Albrecht, a German Green Party politician leading the effort in the European Parliament.
Social networks "should be encouraged as much as possible to store data in a way which permits efficient data portability for data subjects," according to Albrecht's report. Requiring consent "is the best way for individuals to control data processing activities."
Under the Brussels-based commission proposal, for the first time all EU data-protection watchdogs would be empowered to sanction companies as much as 2 percent of yearly global sales for "intentionally or negligently" violating the rules. To date, the heaviest fine levied by an EU privacy regulator was a 100,000 euro ($131,000) sanction by French authorities in 2011 for Google's unauthorized collection of personal data for its Street View mapping service.
EU Justice Commissioner Viviane Reding, who put forward the overhaul of the rules in January 2012, hailed the report as "supporting the commission's aim to strengthen Europe's data protection rules," in a statement today.
Under the commission draft, companies will have to contact fewer regulators for data-protection issues across the region as the authority in the country where it's based will become a "one-stop shop." In practice, this will mean Ireland's agency will be in charge of regulating companies such as Facebook, which run their European operations from the country.
Among Albrecht's 350 proposed amendments, these "lead" watchdogs would work in close cooperation with other national data protection agencies and consult involved authorities before adopting a decision..