- Biggest test is to limit mass-data access, EU's Jourova says
- EU seeks solution after top court struck down Safe Harbor deal
The European Union stepped up the pace of talks with the U.S. toward a new trans-Atlantic data agreement after the EU’s top court said an earlier pact allowed mass access by U.S. spies on European citizens’ private details.
“We have not been dragging our feet: We have immediately resumed discussions with our American counterparts and already had several meetings at technical level,” EU Justice Commissioner Vera Jourova told EU lawmakers Monday night in Strasbourg, France. “These discussions are not easy, but I am confident that by mid-November,” when she travels to the U.S., “we should already have seen progress,” Jourova said.
The EU Court of Justice on Oct. 6 said the so-called Safe Harbor accord that allowed American companies to move commercial data from Europe to the U.S. was invalid because it compromised the privacy of EU citizens and their right to challenge the use of their information. The case was triggered by an Austrian law student who had complained to the Irish data privacy watchdog that the accord allowed U.S. security services to get unfettered access to Facebook Inc. customer information once it’s sent to the U.S.
“The biggest challenge” for the EU-U.S. talks now is how to put “sufficient limitations and safeguards in place to prevent access or use of personal data on a ‘generalized basis’ and to ensure that there is sufficient judicial control,” Jourova told the European Parliament’s civil liberties and justice committee.
The EU court in Luxembourg had been weighing the validity of the data-sharing accord following revelations by former U.S. National Security Agency contractor Edward Snowden about U.S. government surveillance activities and mass data collection. An Irish judge had sought the tribunal’s view on whether the deal still protects privacy and whether national regulators have the power to suspend illegal data flows from the EU to the U.S.
The Oct. 6 court decision prompted EU privacy watchdogs to commit to jointly take action by January if “no appropriate solution is found” in negotiations with the U.S. The EU and U.S. have been in discussions since 2013 to strengthen the Safe Harbor pact by boosting the privacy protection given to EU citizens’ data once it has been transferred across the Atlantic.
“We have already seen some progress compared to the past in the direction of more targeted and tailored surveillance,” Jourova said on Monday about developments in the U.S. since the Snowden leaks, including the extension of protections to EU citizens that were previously reserved only for Americans. “We are still in the process of assessing these safeguards and of getting further clarifications, but I certainly see some relevant and encouraging elements there.”
On other issues, such as a strengthened role of European data-protection authorities in communicating with the U.S. Department of Commerce and in reviewing the functioning of the system, the EU says it has an agreement “in principle.”
Facebook, like other tech giants, has been reeling from the effects of the Snowden revelations in 2013. The companies have been trying to assure their users or customers that their products are secure and that they don’t willingly turn over data to the U.S. government.
The EU will “soon issue an explanatory communication on the consequences” of the ruling and guidance for companies affected, Jourova said. A meeting she had with company and industry representatives on Oct. 14 made clear “they were looking for clear explanations and a uniform interpretation of the ruling.”