Thursday 5 March 2015

What are we to make of the recently leaked DAPIX draft GDPR?

Tongues are wagging and the twittersphere has the usual suspects sharing their opinions on the latest leaked DAPIX draft.  According to whom you believe, it either represents a watering down of the European Parliament’s proposals, or it is a welcome step in the right direction. 

To my eyes, it’s an interesting attempt to ensure that whatever forms of processing are to be permitted, processing for the public interest (ie processing by Member States) appears to have a slightly easier ride than processing for private interests (ie processing carried out by commercial organisations).

Naturally, this is what might you expect when the text is being considered by, wait for it, representatives of the public interest.

But, in following the mantra “nothing is agreed until everything is agreed”, I won’t be spending any more time carefully analyzing this document. The proposed rules are bound to change – after all, even the 30 pages of leaked text has 90 footnotes reporting on the reservations that Member States have lodged.

If I were Sir Richard Branson, I might well consider tweaking the notice that is currently displayed on all Virgin Rail loo seats, to urge privacy pros not to stuff their copy of this draft down the pan.

Yes, the draft needs to be discarded, but surely not in that way.