Making rules can be just as difficult as complying with them. Dutch researcher Marieke Thijssen investigated how well the Personal Data Protection Act (Dutch acronym Wbp) is harmonised with other rules that firms must comply with. Her findings: sometimes it is very difficult for firms to adhere to the rules of the Wbp.
The Wbp contains rules for firms that make use of personal data. For example, a firm may only collect and process personal data if there is a clear reason for this. However, in using personal data a firm should not only comply with the rules of the Wbp; it must also comply with the rules of company law and property law.
Thijssen established that the rules of the Wbp are not always in line with those of company law and property law; the Wbp ignores the fact that in practice the firm is not in a position to act. The firm itself does not act but natural persons on its behalf. The rules of the Wbp do not always take this into account but those of company law and property law do.
The harmonisation of new rules with existing rules is one of the quality standards that the legislator imposes on legislation. The quality standards should ensure that citizens and companies are also genuinely prepared to comply with the rules. Therefore the quality requirements of 'harmonisation between laws' should prevent inconsistencies in the implementation and compliance with the rules.
According to Thijssen's research, a number of the rules from the Wbp that firms are required to comply with, do not always satisfy that quality standard. This can give rise to a decreased willingness to comply with the Wbp, which in turn does not benefit the protection of personal data. Thijssen therefore proposes allowing the terms of the Wbp to lapse and then replacing these with the terms from company law and property law.
Thijssen carried out the research at Radboud University Nijmegen, The Netherlands.
Explore further: Briefs: Microsoft to contest EU decision