Yesterday saw the worldwide rollout of the General Data Protection Regulation (GDPR) law created, orchestrated, and imposed by the wholly undemocratic European Union (E.U.). As with so many of the E.U.’s projects, it was veiled in the language of fairness and equality; and as such, was swallowed up by those to whom such buzzwords are like water in a desert.
Yet the reality is quite different. As with any large organization that seeks to deny individual liberty and sovereignty, this piece of legislation was, from the start, designed to take power away from the little guy, the individual, and consolidate it in the superstate.
On the surface, the idea that there is a law that will stop others gathering, using, selling, or even just holding on to your personal information is sure to be welcomed by most liberty-minded folk. But the E.U. rarely does a single thing that does not lead to a larger share of power for the Union itself; this is no different.
It is through laws and treaties that the European Union exercises and gains power at the expense of nation-states. This law is thrust upon formerly sovereign states and, under treaties, must automatically be made law. Even the U.K., who are allegedly leaving the bloc soon, are forced to adopt this law and implement it.
But where the real tyranny comes from is the creation of positions of power. Each company that deals with information in any way must have a “Controller” who is responsible for data security and management; this could be anyone assigned the role, or a new role created. Not too bad so far, but…
The devil is in the detail. Hidden in plain sight are regulations that create positions of such overwhelming authority, that are unanswerable to even the governments that create them.
The new law states that each European Union member country will create the position of “Supervising Authority,” who will be solely responsible for dealing with the enactment, dealing with infractions, hiring staff, and dealing across national borders. This person will be given a budget as deemed necessary for buildings, staff etc… and will not be accountable to anyone. As Article 52 says:
Each supervisory authority shall act with complete independence in performing its tasks and exercising its powers in accordance with this Regulation.
The member or members of each supervisory authority shall, in the performance of their tasks and exercise of their powers in accordance with this Regulation, remain free from external influence, whether direct or indirect, and shall neither seek nor take instructions from anybody.
So, this person (who will doubtless be a political appointment) has no one to answer to except the E.U., and they are granted sweeping powers.
Article 58 continues:
“Each supervisory authority shall have all of the following investigative powers:
to obtain, from the controller and the processor, access to all personal data and to all information necessary for the performance of its tasks;
to obtain access to any premises of the controller and the processor, including to any data processing equipment and means, in accordance with Union or Member State procedural law.”
These people will have “access to any premises” and can “obtain…access to all information necessary.” Article 57 states that the Supervising Authority is the sole arbiter of what is deemed necessary.
Used for Good?
The E.U. has, overnight, created a position that is indebted to itself, answerable only to itself, and exists only through its own munificence, and that has the power to enter any premises where data may be kept and take whatever data they feel necessary.
Does this still sound like a victory for the little guy? Does it even remotely resemble the best interest of the individual?