European Data Protection Law
In the updated edition of his text, Kuner sets out the difficulty ofexpansion into EU markets for US businesses that have not taken themessage of data privacy protection seriously. US businesses intent onexploiting the information age through new EU markets or creating moreefficiency in existing European markets must effectively convert theirbusiness models to comply with EU data protection laws. The various EUdata directives create minimum standards that each member state mustthen adopt though the passage of new laws. However, this model doesallow member states to adopt stronger measures for data protection.There is a process for industries to establish self-regulatory codesunder Article 27(1) of the General Directive, but according to theauthor the process is so cumbersome that few industries have createdthem. He sees the process as taking too long to complete, and the"uncertain legal status" of the measures once adopted.
