Feeds

US to strengthen privacy rights for Euro bods' personal data transfers

Makes commitment under 'Safe Harbour' framework

Maximizing your infrastructure through virtualization

The US will take steps before the summer to comprehensively strengthen the "Safe Harbour" framework that helps facilitate some transfers of personal data to the US from the EU.

The commitment to improve privacy protections (10-page/445KB PDF) was contained in a joint statement issued on behalf of senior officials from the EU and US, including president of the European Council Herman Van Rompuy, president of the European Commission Jose Manuel Barroso and US president Barack Obama.

It follows a threat from the European Parliament to veto any future trade agreement between the EU and US unless safeguards for EU citizens' privacy rights were improved by the US.

"We are committed to strengthening the Safe Harbour framework in a comprehensive manner by summer 2014, to ensure data protection and enable trade through increased transparency, effective enforcement and legal certainty when data is transferred for commercial purposes," the joint statement said.

The EU and US officials also said they would speed up talks on creating "a meaningful and comprehensive data protection umbrella agreement for data exchanges in the field of police and judicial cooperation in criminal matters, including terrorism", and that attempts would also be made to resolve other privacy issues, including around judicial redress.

EU data protection laws prevent companies from sending personal data outside of the European Economic Area (EEA) unless "adequate protections" have been put in place or in circumstances where the destination country has been pre-approved as having adequate data protection. Only a handful of countries, including Argentina, Canada and Switzerland, but not including the US, are deemed by the European Commission to provide adequate protection.

As a result, the European Commission and the US Department of Commerce negotiated a Safe Harbour framework to facilitate personal data transfers between organisations in the EU and US. More than 3,000 US businesses are currently signed up to the framework.

However, following reports in the media about alleged US surveillance practices as revealed by the whistleblower Edward Snowden, the Commission decided to carry out a review of the Safe Harbour framework. In November it published a report which cited "deficiencies in transparency and enforcement" in how the regime works.

The Commission made 13 recommendations that it said would address its concerns and the EU's Justice Commissioner Viviane Reding subsequently called on the US to take "legislative action before the summer" to address the privacy concerns the Commission raised. Reding threatened to suspend the Safe Harbour agreement if the US failed to do so.

However, the European Parliament has called for stronger action, including the "immediate suspension" of the Safe Harbour framework, in light of the Snowden leaks. The Parliament also said it would withdraw support for the Transatlantic Trade and Investment Partnership (TTIP). The TTIP is a potential new trade agreement between the EU and US which is currently the subject of negotiation.

The Snowden revelations have also raised the prospect of a new Europe-only communications network. Last month German chancellor Angela Merkel confirmed that she intended to discuss the potential for such a network to be created with French president François Hollande.

Last year German IT trade body the Bundesverband IT-Mittelstand called on Europe to look into forming an IT equivalent to Airbus SAS to protect privacy and rival the IT infrastructure offered by US companies such as Google and Microsoft. Airbus SAS is a European-based airplane manufacturer formed by a group of European aviation companies to challenge the dominance of US companies such as Boeing in the production of airliners.

However, Munich-based technology law specialist Christian Knorst of Pinsent Masons, the law firm behind Out-Law.com, said that an "IT Airbus" in Europe could cause competition issues and that the best way to challenge more established US rivals in the market was to improve funding for small businesses to help them compete on privacy.

In their joint statement the EU and US officials also called for other nations to sign up to an expanded Information Technology Agreement (ITA), which is overseen by the World Trade Organisation. The ITA requires signatory countries to remove all duties and tariffs on the IT products listed under the agreement.

Copyright © 2014, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

The Power of One eBook: Top reasons to choose HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
Carbon tax repeal won't see data centre operators cut prices
Rackspace says electricity isn't a major cost, Equinix promises 'no levy'
Disaster Recovery upstart joins DR 'as a service' gang
Quorum joins the aaS crowd with DRaaS offering
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.