By Christopher Wolf
On Wednesday of last week, in Strasbourg, France, the European Parliament overwhelmingly approved a proposal for a sweeping, region-wide Data Protection Regulation, ratifying the work of MEP Jan Philipp Albrecht, who almost two years ago began his work as rapporteur for the regulation.
The next evening, on Thursday in Palo Alto, California, I was sitting across the dinner table from Albrecht—who prefers to be called Jan—at an Asian-Fusion restaurant, enjoying a sociable evening for speakers at the next day’s Berkeley Center for Law and Technology (BLCT) annual Silicon Valley Privacy Conference.
Essentially, Albrecht left the European Parliament building in Strasbourg and headed straight for Silicon Valley, where there is no shortage of critics of the proposed European law, viewed by some there as a threat to innovation. I am among those who have scrutinized aspects of the regulation and its potential operation, while lauding the concept of a uniform law.
Several months ago, I suggested Jan for the keynote slot to conference organizer and Berkeley Law Prof. Paul Schwartz, thinking him to be a “long shot.” I was impressed that Jan said “yes” and was willing to travel so far to engage with privacy professionals, outside lawyers and law students in a jurisdiction known to be quite a bit less supportive of his privacy law work than those in Strasbourg or Brussels. Prof. Schwartz’ prominence, charm, power of persuasion and German language skills, as well as Berkeley’s prestige no doubt were compelling factors. Given the timing of his visit, on the heels of the most important parliamentary vote of his career and at a time he could be campaigning for re-election, I was even more impressed that he was able to make it to Palo Alto—his first visit to the Bay Area.
In January of 2013, with IAPP VP of Research and Education Omer Tene, I hosted Jan and other European and U.S. privacy dignitaries at a Future of Privacy Forum-sponsored program in Brussels, and at that session, Jan was in full-campaign mode in support of the regulation. The fact that a TV documentary crew also was filming there made the interaction less personal and more predictable political theater.
The recent encounter was completely different from the Brussels session.
Looking more like a Silicon Valley techie than a government official and dressed in a long-sleeve T-shirt and jeans at the dinner and the next day at the BCLT program, Jan was friendly, engaging, knowledgeable and interested in what others were saying. The conversation was more like a hallway discussion at the IAPP Global Privacy Summit than an exchange with one of the highest-profile EU policymakers on privacy. Perhaps the fact that he was on a virtual “victory lap” following the Strasbourg vote put him in an especially good mood. But he certainly did not lord his victory over the gathered Americans.
The conversation was broad ranging. There was as much conversation about tech innovation as there was about privacy risks. And the unprompted compliments Jan had for a prominent U.S. tech company’s privacy practices were notable. Jan did not at all embody the stereotype of the harsh EU critic of U.S. privacy.
I was especially struck by his observation that as troubling as the Snowden revelations about NSA surveillance are, EU member states also are engaging in surveillance tactics that raise privacy concerns that need addressing globally. As a side note, I am appearing before the Privacy and Civil Liberties Oversight Board on Wednesday with respect to the legal framework governing surveillance by foreign countries.
Jan said that now that his parliamentary work on the regulation is complete, he wants to focus on international privacy issues, especially interoperability, and he wants to bring his skills as a lawyer (he has a LLM) to bear. He volunteered for additional opportunities to dialogue in the U.S. about privacy.
My dinner with Jan appeared to mark his transition from rapporteur to discussant, and based on the conversation—as well as his recent work—he has much to contribute to the global privacy conversation.3/18/2014