IMCO is the European Parliament committee on Internal Market and Consumer Protection issues. As such, it is usualy asked to express its opinion about Regulation, Directive or anything the Parliament has to vote, focusing on matters relating to consumer protection.

The opinion it issued on the proposed Regulation is aimed to assist LIBE in the drafting of its report (which will contain the amendements that will be proposed to the Parliament).

You can find a detailed list of its members here on Memopol.

This page aims to show and analyse the main points IMCO (Consumers) opinion focuses on (you can still read its draft opinion part 1 and part 2).

Profiling

Three amendments Erreur de référence : Balise <ref> incorrecte ; le nom ne peut être un entier simple. Utilisez un titre descriptif were aimed to prevent children from being subject to profiling, but they fell as the Compromise Amendment 9 was adopted Erreur de référence : Balise <ref> incorrecte ; le nom ne peut être un entier simple. Utilisez un titre descriptif. This compromise amendment undermines Article 20 to the point that this article cannot prevent any form of profiling anymore. It now merely prohibits unfair and discriminatory decisions based on automated process of personal data. It is such a change that the article 20 even switches its title from ‘profiling’ to ‘automated process’.

However, amendment 233 proposed by Engström (Greens) still sets a right to object to profiling.

Data breach notification

Compromised amendment 10 Erreur de référence : Balise <ref> incorrecte ; le nom ne peut être un entier simple. Utilisez un titre descriptif limits controllers’ obligation to notify to the breaches of significant effect and dismisses their obligation to notify within a 24 hours delay.

Consent

One of the major features of the Commission's Proposal Regulation is to require from the data subject a consent which is specific, informed and explicit. Requiring an explicit consent appears to be the most effective way to safeguard privacy. But the only amendment IMCO voted about consent redefined it as having to be given 'as explicit as possible according to the context', thus giving processors countless ways to circumvent data subject's explicit consent.

Right to be forgotten and to erasure

Compromise amendment 8 (voted by Greens, S&D, ALDE, EPP, ECR, EFD) provides that a controller doesn't have to take all reasonable steps to inform third parties that a data subject has requested them to erase the data they hold where data subject gave his consent to make these data public.

Anonymity

Compromise amendment 5 (voted by Greens, S&D, ALDE, EPP, ECR, EFD) provides that anonymous data (which cannot be attributed to anyone) are set out of the regulation scope.