Genetic discrimination and the draft European Union General Data Protection Regulation

Abstract

This collection is being put together at a time when it is difficult to say very much that is definitive in relation to the proposed European Union (EU) General Data Protection Regulation (‘the Regulation’). A formal draft of the Regulation was published in January 2012, after a draft was leaked in December 2011, and since that time considerable debate has been generated. The Regulation is intended to replace the current EU Data Protection Directive 95/46/EC (‘the Directive’). The European Commission intends to take the opportunity to update the rules regarding data protection as it is felt that some changes in information technology, particularly those relating to web 2.0 technologies, have outgrown the original regulatory framework. Since publication by the Commission, very many significant amendments have been proposed to the original draft, including several by the influential Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee) of the European Parliament, and again in what has come to be known as ‘the compromise text’ in a note authored under the Irish Presidency of the Council of the European Union. Some 3,000 amendments have been suggested in all. Much of the discussion and debate centres on provisions that are not of direct concern to the issue of genetic discrimination. However, some of them are. In what follows I hope to provide a sense of the current direction of travel; to indicate how some of the ambitions of the Regulation intersect with the concern of improved protection from unfair genetic discrimination; to point to a couple of currently contested provisions relevant to the potential scope and nature of such protection; and to indicate why the changes proposed by the Commission, and the amendments subsequently suggested, fall short in an important respect from a comprehensive response to the concerns that people have expressed in relation to genetic discrimination. Unless otherwise indicated, all references are to the Commission text as amended by the proposals of the LIBEcommittee on 22 November 2013.1A key ambition of the new framework includes assuring consumer trust in the online environment as it continues to develop. It is considered a key purpose of the reform as any lack of trust ‘risks slowing down the development of innovative uses of new technologies’.2 In addition, it is considered an appropriate moment to tackle the lack of harmonisation across the EU on data protection. The nature of the current Directive is that member states must implement its requirements locally through domestic legislation. Although the requirements are themselves common, the fact that they have been implemented differently, has not led to the level of harmonisation that was originally intended. As the Regulation would be directly applicable, and would not require any local implementation, it should successfully achieve a higher degree of harmonisation across the EU.