The European Commission is implementing new regulations that are meant to regulate the handling of data within the EU, as part of its data strategy. However, many of these regulations are currently in the planning stage and others are already in force, which is leading to confusion for citizens and companies.
As a guest in episode 83 of the c’t data protection podcast, Dr. Winfried Veil, who is considered a tough critic of the fast-paced regulation, shares his thoughts on this matter. As a lawyer and consultant in the Federal Ministry of the Interior, Veil accompanied Council negotiations on the General Data Protection Regulation (GDPR) as an expert in the responsible EU project group.
Veil describes the current situation as a “legislative tsunami” that is sweeping across the EU. Although all data laws contain the passage “The GDPR remains unaffected”, this assertion does not hold up when you take a closer look at the draft legislation. Veil cites the Digital Services Act (DSA) as an example of where the new platform law raises data protection issues.
In particular, Veil notes that the mechanisms defined in the DSA for reporting channels for illegal content could lead to de facto data retention on the platforms. He speaks of “trawlers, informers, and troublemakers databases” that could be created. This is just one of many aspects where the DSA and GDPR clash.
In conclusion, it is clear that the new regulations by the European Commission are meant to improve data handling within the EU. However, the sheer volume of new legislation and the fact that some regulations are already in force while others are in the planning stage has created confusion for citizens and companies alike. It is important for experts like Veil to provide insights into the impact of new regulations and where they may lead to unforeseen consequences.