The European Union is set to present a proposal for renewed EU legislation on data privacy at the end of January 2012. Vivian Reding, the EU commissioner on fundamental rights, has left no doubt about its content.

In a public speech, on November 7, 2011, the Commissioner has warned US corporations that if they want to do business in the EU, they will have to strictly adhere to the EU’s privacy rules. According to the Commissioner, consumers should always be in control of their data, giving them the right to deny consent to use of their data or to delete such data at any time. This applies to all data regarding EU customers — even data in the cloud or on social networks — regardless of the country in which the corporation aiming its products and services to EU customers is located.

This statement comes at a time when US officials are also reviewing US data protection legislation, and focusing on its interoperability with foreign legislation.

If US retail corporations want to keep access to EU markets, they will be wise to monitor these developments, both in the US and the EU, which will ultimately affect the way in which they do business.

Emmanuel Gybels is the partner in charge of the Brussels office for Crowell & Moring. He regularly advises US corporations on the regulatory environment of doing business in the EU.