Acxiom keeps watch on data rules dialogue

European Union debates tighter collection directives

Personal data has become a valuable commodity for U.S. technology and Internet companies to use and sell.

But in Europe, policymakers are considering a new set of data and privacy rules that could alter how U.S. technology and data companies, such as Acxiom Corp., manage and use information.

The proposals, which include restrictions on how companies share data between offices in the U.S and Europe, could have implications for Little Rock-based Acxiom, which collects data about thousands of people and then sells the information to clients to use in marketing campaigns.

“It’s an ongoing concern,” said Sachiko Scheuing, Acxiom’s Germany-based privacy officer for Europe. “I think we will be forced to adjust to it anyways.” If the proposals are implemented as they stand, “it would be quite some impact on the way business is conducted.”

The European Union has been debating data-collection laws for several years now, but recent revelations about U.S. spy programs have troubled some European officials, resulting in proposals for tighter privacy regulations.

“It’s something they have been working on for a while,” said Mieke Eoyang, director of the National Security Program at Third Way, a think tank in Washington, D.C. “Since Edward Snowden came out with a steady drip of what the NSA is doing, the EU efforts picked up steam.”

Classified documents leaked last year by Snowden, a former government contractor, revealed that some of the National Security Agency’s spy programs, including data collection, were carried out in Europe.

The leaks included a report of the 2010 hacking of German Chancellor Angela Merkel’s cellphone by the agency.

The proposals are meant to streamline the mix of privacy rules in the 28 European Union states into a single law, Eoyang said.

“There’s a cost in trying to figure out how to manage[this] patchwork of privacy rules when there isn’t a single standard” for multinational businesses, she said.

European and American companies view data differently, Scheuing said. In the U.S., data is considered a commercial asset, whereas in Europe personal data is viewed as belonging to the individual and not a company.

“Because of the history of having privacy as a civil right, it makes Europe a very protected place in terms of privacy,” she said. “Privacy is seen as a civil right, as a fundamental human right.”

In Europe, Acxiom collects consumer data the same way it does in the United States - through public sources, surveys and its online and offline clients - but the company is limited to what data it may collect. Some information is restricted, Scheuing said.

“We are a little more careful than in the U.S. on how we do that,” she said. “Ethnicity is something we consider to be very sensitive.”

Scheuing said companies must inform consumers when details of ethnicity are collected and when that information is used.

“For some of our American colleagues that may come off as being very strange because ethnic data becomes very important information,” she said.

Acxiom is a “safe harbor” company, meaning it is allowed to send data collected in Europe to the U.S., Scheuing said, but that could change if EU officials approve a proposal that restricts the flow of data between nations.

Some European policymakers also want consumers to have greater control of their personal data and be able to erase their online information, according to a New York Times report.

In Europe, consumers are allowed to ask Acxiom for the data collected about them, and the company is required to reply in detail, Scheuing said. In Germany, Acxiom is required to tell consumers whom their data was sold to, she said.

While the proposals being considered by the European Union could limit how companies handle data, there could be benefits to a unified rule.

“Overall, we shouldn’t expect a drastic change in the way Acxiom conducts business,” said Adam Schlosser, director of the Center for Global Regulatory Cooperation at the U.S. Chamber of Commerce. “We’re hoping the impact will be minimal and whatever impact it is will be positive.”

Schlosser said the European Union needs to address national security and commercial issues separately.

Scheuing said more negotiations with lawmakers are scheduled.

“There is a lot of dialogue still required,” Scheuing said.

Business, Pages 79 on 04/13/2014

Upcoming Events