Over the last forty years, a strong and principled argument that privacy is a fundamental human right deserving special protection in an age of high technology has confronted more pragmatic considerations from a variety of interests. The messy twists and turns of this international struggle have produced a sort of consensus on what it means for an organization to process personal data responsibly. But it is an uneasy consensus, hedged by exemptions and qualifications, and regularly shaken by monumental shifts in the processing powers of technology, and by game changers like the 9/11 attacks.
This conflict is now being played out again with respect to a new Draft Regulation on privacy protection from the European Union. We have heard that this Regulation is too burdensome, that it will block innovation, that it will cost jobs, trade, and investment, that it will kill the online advertising industry, that it will unreasonably extend the reach of European law beyond European borders and exacerbate the transatlantic divide between a more protectionist and regulatory Europe and a more open and innovative United States.
These views are simplistic and misleading. The same fears were expressed twenty years ago when the first set of European privacy rules were proposed. The Internet developed and flourished since that time, and within that framework of national and international privacy law. Privacy protection did not constrain innovation then, and it will not do so today.
* Colin Bennett, “The Geo-Politics of Personal Data”