(Bloomberg) — One of the architects of the European Union’s sweeping General Data Protection Regulation admitted the law needs a revamp to ensure it’s fit for purpose amid growing attacks on citizens’ privacy.
Four years after it took effect, European Commission Vice President Vera Jourova said “targeted improvements” are now needed to the GDPR “in the age of tools such as Pegasus” spyware.
“I want to be honest with you, we are at the crunch time now,” she said, in prepared remarks for a speech she’ll give to data regulators on Thursday.
“Either we will all collectively show that GDPR and its enforcement is effective and fit for purpose or others will do it for us.”
The law, seen as a path-breaker in 2018, empowered EU data regulators to levy penalties of as much as 4% of a company’s annual revenue for the most serious violations.
Overnight, it turned Ireland’s watchdog into the bloc’s top regulator probing dozens of powerful U.S. tech firms with European bases in the nation — such as Meta Platforms Inc.
Read More: Europe’s Data Law Is Broken, Departing Privacy Chief Warns
Since then tensions have been building among authorities over who is in charge of big cases and the length of time that Irish colleagues have taken to complete major EU-wide probes.
EU Justice Commissioner Didier Reynders said at the same event in Brussels that while more targeted improvements could bolster enforcement, he warned against declaring the situation “a crisis” or “as a reason to scratch completely the system.”
Opening up discussions on a total rewrite of the rules won’t be effective now, according to Reynders and Jourova.
“This might seem tempting, but here risks are high,” said Jourova, according to the draft of her speech.
“Old legislative battles would come back. That is for sure. Some would want to try to weaken what we already have.”
(Updates with comments from EU’s Justice Commissioner starting in fifth paragraph)
More stories like this are available on bloomberg.com
©2022 Bloomberg L.P.
