US firms increasingly wary of EU action over online privacy
International Association of Privacy Professionals says issue has ‘exploded’ since Edward Snowden revelations
German chancellor Angela Merkel wants to have European data managed within Europe, by European firms subject to more stringent EU data protections. Photograph: Adam Berry/Getty Images
Organisations are grappling with how to address concerns about privacy in the wake of data breaches and spying scandals, according to a panel of privacy officers from US multinational companies.
However, the US corporate view of privacy is at some remove from a European perspective, judging by somewhat dismissive views expressed at the RSA Conference.
“Privacy has exploded since Snowden,” noted J Trevor Hughes, president and CEO of the US-based International Association of Privacy Professionals. He said organisations “have struggled with transparency”, in part because those implicated by leaks from whistleblower Edward Snowden have been limited by US law in what they have been able to reveal about security agency requests for data.
Brendan Lynch, chief privacy officer at Microsoft, said privacy was now “the topic du jour . . . security professionals see it as a security issue, privacy professionals see as privacy issue, and both are right.”
Maintaining customer trust in a rapidly changing world of technology and services was a challenge, he said, adding that the company felt “some frustration” at not being able legally to be more transparent in responding to Mr Snowden.
Keith Enright, senior privacy counsel at Google, expressed annoyance at “the way this has been mischaracterised or misunderstood externally. We did not grant direct access to the government to internal Google systems and have no evidence that this occurred”.
All the panellists expressed alarm at recent European proposals – most notably by German chancellor Angela Merkel – to have European data managed within Europe, by European firms subject to more stringent EU data protections.