At the moment laws which have been highly costly and of questionable practical value (such as the data protection and e-commerce rules) are almost impossible to quickly improve or remove. The EU Commission and regulators have in the past publicly consulted on these rules but then concluded that the scope of their operation should be extended, despite fierce opposition from business. It suits politicians to propose rules, and it suits regulators and bureacrats to draft and then (through extensive “guidance”) extend the scope of those rules and the scope of their influence, and it suits lawyers to consult and advise on those rules, but there is no effective mechanism for getting laws improved or repealed if their cost or difficulty significantly exceeds their benefit. It’s a case of legislate in haste and repent at leisure – but it is business which picks up the massive bill for this. Many business people feel that the purpose and effect of the legal system is simply to support the legal system.
For example the EU data protection rules include restrictions on international data transfers – these rules are still being debated more than 15 years after the Data Protection Directive was implemented. EU regulators themselves seem unsure on what will be an effective mechanism for data transfers going forward, the laws are not complied with and have virtually no practical benefit for individuals’ privacy. This is just one example – another is the myriad of overlapping e-commerce, distance selling, consumer protection etc. rules. Or the way in which the new Bribery Act has been enacted without a clear idea of how it is to be complied with in practice by businesses, with a resulting one year delay. Or “Health and safety” rules which are now a by-word for pointless bureaucracy and legalese.
An effective post-implementation auditing mechanism is the only way to ensure these mistakes are not repeated in the future – If a law is no good there needs to be timely way of assessing and amending it. At the moment it’s in no one’s interest for a defective law to be repealed or reduced in scope, especially at an EU level. That is why we are increasingly in the position of the laws (such as those relating to data protection, e-commerce or consumer protection) being routinely broken with sproadic and increasingly arbitrary enforcement.
All laws should come with a built-in and effective review process by an independent and respected third party. What we then need is for the law to be amended or reduced in scope as apporpriate to make it workable – not ever more woolly “guidance” from regulators building their empires.
Claire Crole, Legal Accelerator LLP