26 February 2008

EU privacy watchdogs say any processor must obey EU rules

(OUT-LAW News)
Europe's data protection watchdogs have said that internet companies that do any personal data processing in Europe must comply with its privacy laws even if they are based outside of Europe. The Article 29 Working Party, a committee of all of the EU country's privacy or data protection commissioners, said that its data protection rules must apply to personal data processed by companies that do not even have offices in the EU. "[The EU's] provisions also apply to such controllers who have their headquarters outside the EU, but only an establishment in one of the EU Member States, or who use automated equipment based in one of the Member States for the purposes of processing personal data," said a Working Party statement. The EU's privacy watchdogs are locked in a battle with search engine companies such as Google over the processing of personal data. There are debates about whether companies are subject to the EU's rules as well as what those rules mean.