8
Led by regulatory agencies in countries like Germany and France, data protection
commissioners from European countries pressed for European action in the late 1980s.
Critical to the success of the national data protection commissioners’ efforts were powers that
they had acquired over the previous ten years, elevating the group from a network of legal
experts to transnational actors with regulatory power. More than just an attempt to ease
business friction within the common market, however, national data protection regulators
saw European rules as a necessary means to guarantee and expand personal freedom,
developing a human right to data privacy. They had two weapons with which to persuade
European and member state officials. The first was to exercise export controls i.e. threaten to
block transnational data flows, as the French data authority did in 1989. Similarly, the
French, German, and Luxembourg data protection authorities effectively stalled the Schengen
agreement, which was to open borders within Europe, owing to its lack of data protection
rules. The second weapon was the ability to lobby national and international institutions,
leveraging public opinion. In 1989, the international data protection commissioners’
conference released a joint statement that called on European Community officials to act.
9
The message was clear. If the community wanted information to flow, all members needed
rules that protected individuals at a high level.
The timing of the data protection debate was essential to the passage of the directive.
Mounting pressure during the late 1980s successfully persuaded the European Commission
and the Council, that European data protection rules were central to the European agenda.
The blockage of data transfers threatened to undermine the progress of the internal market.
Perhaps more importantly, the Commission realized from a scandal surrounding the
governance mechanisms, I contend that transnational policy entrepreneurs reflexively interact with
international organizations.
Convention