As we reported last week, MEP Jan Philipp Albrecht, the rapporteur for the lead European Parliament Committee (LIBE) for the proposed EU Data Protection Regulation, has released a controversial report on the Commission’s proposal. 

There have been several news articles and commentaries in recent days about numerous aspects of the report — including the threat to the U.S.-EU Safe Harbor, the dilution of the “one-stop shop” concept regarding regulators, the re-emphasis on consent and limiting the “legitimate interests” ground for processing data, further restrictions on profiling, etc. — but one troubling aspect of the report has generally not received the attention that it arguably deserves amidst this hubbub: namely, that the report proposes to expand general compliance obligations and “privacy-by-design”/“privacy-by-default” requirements, in particular, to software and hardware manufacturers — regardless of whether they process personal data.Continue Reading EU Data Privacy Rules to Extend to All Software and Hardware Manufacturers — Regardless of Whether They Process Personal Data?