Privacy is (duh) a good thing, and it's not often that I side with the privacy-mining tech industry on issues concerning our personal data. But the European Union is enacting not one, but two, policies ostensibly designed to protect privacy that are so wrong-headed, so destructive of the public's right to know that they're likely to create a series of never-ending lawsuits and legal venue-shopping that you have to wonder what bozo thought them up.
What's more, the poorly thought-out regulations and court-ordered edicts pose a serious threat to U.S. companies that do business in Europe. They'll be faced with huge fines, draconian restrictions on how to do business with countries on the E.U.'s blacklist, and the impossible task of monitoring decades of search results.
[ The end of privacy as we know it is here. | Amazon is not exactly new to unfriendly customer treatment. | Get a digest of the key stories each day in the InfoWorld Daily newsletter. ]
Meanwhile, Amazon.com CEO Jeff Bezos, who always promises to "put the customer first," is shamelessly putting readers and authors last as he fights with a publisher to gain a few extra points of margin on the sale of e-books. The reason: Hachette, a publisher of well-known authors (including J.K. Rowling of "Harry Potter" fame) won't give in to Amazon's contract demands, so Amazon is delaying shipments of its books and removing Buy buttons from Hachette's titles in an extraordinary campaign of bullying.
What a bozo.
The E.U. blows it on privacy
Earlier this month, the European high court ruled that people possess "the right to be forgotten," which really means that people have the right to censor the Web if they don't like something posted about them -- at any time in the past, even if it's 100 percent true.
That's bad enough, but the European Union isn't done. Now it appears that there will be an E.U.-wide law on privacy that would impose huge fines on companies that "misuse" European data or ship it to a country that doesn't comply with E.U. standards.
Think about that last bit. How is a giant like Google or a tiny app developer supposed to stop data being shipped (whatever that means) to countries the E.U. deems unworthy? And suppose the United States, where companies (not to mention the NSA) routinely commit atrocious violations of privacy, gets on the E.U. blacklist, does that mean users here can't see content created in Europe?
Then there's the issue of enforcement. It appears that there won't be a single body to oversee these policies. Companies will be able to pick one of the E.U.'s 28 member states and follow its interpretation of the rules, which mean they'll do what they do in the United States when they want to sue someone for a patent violation: shop for a friendly venue.
Maybe Google will settle on Ireland, while Microsoft decides that France is friendlier. Maybe Facebook will head for Croatia, the E.U.'s newest member. You could argue that the proposed rule is better than the current patchwork of 28 separate sets of regulations, but the fragmented oversight destroys any value it may have.
These rules are no joke. Companies with European customers -- even if they do not have offices in the region -- would have to comply with the controls or face fines totaling 2 to 5 percent of their global revenue, or $137 million, whichever is greater.
As to the "right to be forgotten," here's what it really means: A lawyer from Spain has the right to demand that Google remove links to a government notice, placed in a newspaper in 1998, that his repossessed home was being auctioned.
What we see here is the folly of trying to locally regulate a global industry. I don't pretend to have a solution, but what the Europeans have done in the last two weeks is exactly the wrong way to protect privacy or conduct business across borders.