EU Commission plans 'umbrella' data protection deal with US
'Piecemeal approach' doesn't sit right with Reding
The European Commission has opened negotiations with the US on the creation of a data protection agreement that would govern all data transfers between the EU and the US.
Commissioner for Justice, Fundamental Rights and Citizenship Viviane Reding told The Atlantic Council in Washington that the negotiation of separate deals on issues such as airline passenger name records (PNR) and financial data was not the best way to address privacy concerns.
"It is my determination to end this piecemeal approach. That is why, within my first few months in office in Brussels, I worked on a mandate to start negotiations with the US on an umbrella data protection agreement," Reding said. "The aim is clear: to provide legal certainty to data transfers by ensuring that all these transfers are subject to high standards of data protection on both sides of the Atlantic."
"EU Member States are currently discussing the fine print of the Commission's proposal before negotiations can officially start. This will be done swiftly and I am confident that the green light will be given in the coming months," she said.
Last week the European Parliament gave its approval to the latest framework within which US authorities can gain access to Europeans' banking details to aid their counter-terrorism police and intelligence operations. The Parliament had rejected previous proposals and has been more protective of Europeans' privacy than other EU governing bodies.
EU data protection law states that personal data must only leave Europe if it is protected as well as it would be within Europe. This can be done by other countries' data protection laws or by agreements about how specific information will be treated.
Reding said that she recognised that many data protection regulators and legislators are concerned about the US's generally less privacy-protective laws.
"Past negotiations on the transfer of passenger data or the more recent talks on the transfer of financial transaction data for the purposes of the [US anti-terrorism programme] have shown how difficult it is to find mutually acceptable standards and practice for the protection of personal data," said Reding.
"For years experts have been discussing the usefulness of having an international agreement between the European Union and the US based on high standards for the protection of personal data to prevent and prosecute crime," she said. "There were many talks but little political will. This has to change."
Reding said that the cultural differences between the approaches to personal data processing in the US and Europe had to be resolved.
"The EU and the US are both committed to the protection of personal data and privacy, even if our systems for doing so are not identical," she said. "Removing protection gaps and discrepancies between the two legal systems and thereby improving legal certainty and reaching a high level of protection for any individual are the goals for this new agreement."
Reding said that the proposed agreement on how to treat data transferred for criminal purposes would also help authorities to come to agreement on data swapping for other, non-criminal purposes. She said it could become an 'umbrella agreement' for all others.
"I want to negotiate a data protection agreement that contains all the necessary high level data protection standards, with obligations for data controllers and rights for data subjects, as well as mechanisms to ensure the application of those standards," said Reding. "This should become a complete self-contained set of rules. The US would feel the benefits immediately since high data protection standards would guarantee legal certainty and facilitate data transfers to and from the US much more easily than is currently possible."
Last week the European Parliament withdrew its objections to US processing of Europeans' banking data. The Parliament voted to approve a revised deal containing better privacy protections than one it rejected in February.
Copyright © 2010, OUT-LAW.com
OUT-LAW.COM is part of international law firm Pinsent Masons.
"The EU and the US are both committed to the protection of personal data and privacy, "
One word: Bollocks.
This is utter madness...
@"EU data protection law states that personal data must only leave Europe if it is protected as well as it would be within Europe." and "high data protection standards"
That statement about protected is meaningless considering the number of data leaks we have seen in Europe. Also and far more importantly talking about protection on the data is totally missing the point that they are sending too much data out, like all our banking records. Protection on the data format isn't protection on what data they send out, yet the morons in government seem to believe it is and so fail to see how much of our data is being sent out. They think its protected!. (At least thats the double speak they are trying to convince us to believe ... yes its protected see (well only the format is protected, what data they leak isn't, yet they want us to think everything is ok, go to sleep now, Big Brother is watching over you!).
Plus without any doubt at all, this leaking of so much information will be used for industrial espionage. Protection of America also means financial protection of America and so they use their spooks for industrial espionage, but they don't even need to now, as we just download all our data to them now!
@"The US would feel the benefits immediately"
WTF!! about EU feeling the benefits!! ... Its all so one sided. Why the hell are America not releasing their banking data to Europe. I know why, its because American civil rights prevents America doing to its own people what they are getting away with doing to Europeans! ... plus they wouldn't want their data leaked the way we have to suffer it being leaked, yet they expect us to just leak our data to them and its all done in the name of the endless perpetual war against Terrorism which is a blank cheque way to totally erode all our civil liberties, in the name of safety from fear!
We laugh at your puny data protection plans
Recall that this is the USoA government, that shining beacon of freedom that bravely spies on its own citizens wholesale, retroactively OKing everything that was "technically" completely outside what is permitted by law. As in, on the next continent, maybe.
Rules are well and good but the EU will just have to trust these examples of governmental integrity they will abide by the EU's oh so reasonable rules. Suppose gov.us doesn't, then what? Some international court perhaps? Or diplomatic reciprocity?
A more pathetic show of incompetently spinning a show of vague hope you'll be hard pressed to find outside Brussel, or it'd have to be in Strasbourgh. Carry on European Government! Bis bis! What a success these measures are! More please!