AMSTERDAM/BRUSSELS – Belgium and the Netherlands are racing to put privacy laws in place that meet the requirements of the EU’s data protection directive a year after the due date of Oct. 24, 1998.
Nine EU members have not yet approved national privacy laws in accord with the directive. Commissioners in Brussels are threatening legal action against them before the European Court of Justice.
The rush to comply, several DM experts said, could do serious damage to direct marketing in the region.
Part of the problem lies in the fact that the final drafts and the regulations that make them work are not complete. Those that are finished can be read in different ways.
Moreover, experts warn, “rush’ has to be read in the European context. Neither law is likely to go into effect before the end of next year’s first quarter, perhaps later.
The Belgian law first must be published in the Belgian equivalent of the federal register, and becomes law four months after “royal assent” approval by King Albert, a routine government action.
The Dutch law will be submitted to the lower house of parliament in the middle of this month, and, once approved, brought to the floor of the upper chamber. It should be approved a month or so after the Belgian law.
Patrick Marck of the ABMD, the Belgian DMA, thinks differences between the old and the new laws are small, but concedes consumers now will have the right to refuse mailings and other DM offers.
In effect, the law legalizes the voluntary Robinson list that European DMAs routinely open to consumers who wish to have their names removed. Marck admitted the law meant a change in DM practices in Belgium but insisted it was “not a big change.”
Belgian consumers also have the right to see the data a company has collected on them.
On the plus side was a clause allowing comparative advertising, which has been forbidden.
But Marc Lolivier, the Reader’s Digest European point man on the issue, takes a far more dour view. He called the new law “dreadful” and argued that it goes far beyond the EU’s data protection directive.
“The old law was already strict enough, and at first we thought we could get more flexibility into the new one, but instead the Belgians opted for the minimum clause,” he said.
The clause allows member states to adopt more stringent provisions than the directive calls for, making “the directive useless,” Lolivier said.
The law not only gives consumers the right to return a product seven days after purchase, but requires the merchant to inform customers of their right to return both at the time of purchase and the time of delivery.
“This encourages people to return product,” Lolivier said, “and what’s more, they mandated the wording that must be used when giving information on returns, down to the size of type used and where it must be placed in the offer. That’s really crazy.”
DM lobbyists did change the first draft’s opt-in clause to opt-out, but the Belgians added another provision that all commercial communications must be identified as such.
Use of the minimal clause is under challenge before the European Court of Justice. While the clause allows EU members to add restrictions, they must meet certain criteria set by the European Commission.
Like the Belgian law, the Dutch draft would legislate the Robinson list, turning a voluntary action into a mandated one. In addition, consumers must be informed for what their data will be used.
More worrying for the industry, Dutch consultant Alexander Siegenwald said, was a regulation demanding a “relationship” between the product or service for which the data is collected and the use made of the data.
“For example, if an insurance company sells automobile policies to consumers, it is not allowed to use the names collected to sell them life insurance. They may only be used to sell ancillary products to car insurance,” he said.
Magazine inserts are all right provided they are inserted in the entire run of a publication. Segment the run, however, and “you are processing personal data, and everybody in village X who has opted out can have the insert removed from his copy. That’s a problem for publishers.”
A third troubling issue in the Dutch law is the definition of sensitive data. “If someone wears contact lenses, you can’t do a select on that fact,” Siegenwald explained, because it is medical data and therefore proscribed.
Even the Dutch data protection commissioner called this section “nonsense,” yet it is still in the regulations to the law.
