BONN — An effort to protect personal security online may be a stick in the spokes of the wheels of commerce over the Internet.
A European Union policy statement issued in October 1995 called the "data protection directive" establishes standards for protecting personal data collected electronically, such as corporate personnel files or customer databases in EU-member nations. After October 1998, it will be illegal for European companies (including European offices of firms based elsewhere) to export personal data to countries whose laws do not meet the same standards.
Europeans will be able to argue that American standards do not meet their own - and thus data from Europeans may not be exported to an American firm's computer.
In Brussels, Ira Magaziner, policy adviser to President Clinton, said July 9 the US would not pass privacy laws to meet Europe's standards. The standards would be Europe's loss, he said. "I would think it would be a great mistake for Europe to isolate itself from the rest of the world by not allowing its citizens to do business with the rest of the world on the Internet," he said.
A spokeswoman at the US mission to the EU declined to comment on what solutions to this problem might be under discussion. But some observers say that the data-protection directive could be America's loss, too. The new rules will apply not only to firms with an office in Europe, but to online customers based there too.
Currently, foreign firms are able to operate in the EU by filing for exemption from existing national data laws. A similar system could be set up for the new laws.
But "I don't see how something like that would be workable - a system where individual companies have to have contracts with EU member countries," says Susan Scott, executive director of TRUSTe, in Palo Alto, Calif. TRUSTe is a nonprofit organization that licenses World Wide Web sites to use what it calls "Trustmarks" that tell visitors to Web sites what use, if any, is made of information gathered about them.
This is the kind of private-sector initiative that many point to as an example of alternatives to government regulation of the Internet.