Out-Law News 3 min. read

MEPs back 'immediate suspension' of 'safe harbour' data transfers and threaten to veto US trade deal

MEPs have reiterated their calls for a data sharing agreement between the EU and US to be suspended amidst concerns that the privacy of EU citizens is not adequately accounted for.

The European Parliament's Civil Liberties, Justice and Home Affairs (LIBE) committee has backed a report that calls for the "immediate suspension" of the EU-US Safe Harbour framework and which also calls for the Parliament to withdraw its support for a new EU-US trade deal until such time as the US resolve privacy concerns.

Concerns about the US' regard for EU citizens' privacy have been expressed ever since whistleblower Edward Snowden began leaking details about the alleged scale and scope of the surveillance activities undertaken by the US' National Security Agency (NSA) last summer.

The safe harbour framework sets seven principles of data protection broadly equivalent to standards set under the EU Data Protection Directive and allows US companies that adhere to those principles and self-certify compliance with them to transfer personal data from the EU to US.

EU data protection laws prevent companies from sending personal data outside of the European Economic Area (EEA) unless "adequate protections" have been put in place or in circumstances where the destination country has been pre-approved as having adequate data protection. Only a handful of countries, including Argentina, Canada and Switzerland, but not including the US, are deemed by the European Commission to provide adequate protection.

As a result, the Commission and the US Department of Commerce negotiated the safe harbour scheme to facilitate personal data transfers between organisations in the EU and US. More than 3,000 US businesses are currently signed up to the framework.

However, the Snowden revelations prompted the European Commission to carry out a review of the safe harbour regime last year, and in November the Commission published a report which cited "deficiencies in transparency and enforcement" in how the safe harbour framework works.

The Commission made 13 recommendations that it said would address its concerns. EU Justice Commissioner Viviane Reding last month followed up on November's report by calling on the US to take "legislative action before the summer" to address the privacy concerns the Commission raised. She threatened to suspend the safe harbour agreement if the US failed to do so.

Amidst the developments around the safe harbour scheme, the EU and US have been engaged in talks designed to agree on a new trade deal aimed at "removing trade barriers in a wide range of economic sectors to make it easier to buy and sell goods and services between the EU and the US". Talks between the EU and US representatives on the contents of the new Transatlantic Trade and Investment Partnership (TTIP) began in July.

The LIBE committee at the European Parliament have now echoed calls made last year by Reding to avoid the issue of data protection being put up for negotiation as part of the TTIP talks. It said the Parliament should refuse to approve any trade deal with the US until such time as the US "fully respects fundamental rights enshrined in the EU Charter".

The committee further called for the development of Europe-only 'clouds' and IT solutions after identifying a lack of trust with US providers following the Snowden revelations. The European Parliament is set to vote on the resolution backed by the LIBE committee on 12 March.

"We now have a comprehensive text that for the first time brings together in-depth recommendations on Edward Snowden's allegations of NSA spying and an action plan for the future," LIBE committee member Claude Moraes said in a statement. "The Civil Liberties Committee inquiry came at a crucial time, along with Snowden´s allegations and the EU data protection regulation. I hope that this document will be supported by the full Parliament and that it will last beyond the next European Parliament's mandate."

The timing of the LIBE-backed report coincides with the publication of a new communication by the European Commission on internet governance. (12-page / 102KB PDF)

The Commission has said that a multitude of stakeholders, not just governments, should have a say in internet governance matters and called for a "strengthened and reformed Internet Governance Forum" and for ICANN and the IANA to be less US-centric and more "globalised".

"The European Commission is firmly committed to the multistakeholder model of Internet governance," it said in its communication. "The Commission calls upon stakeholders to further strengthen the sustainability of the model by making actors and processes more inclusive, transparent and accountable."

EU Commissioner Neelie Kroes added: "Some are calling for the International Telecommunications Union to take control of key Internet functions. I agree that governments have a crucial role to play, but top-down approaches are not the right answer. We must strengthen the multi-stakeholder model to preserve the Internet as a fast engine for innovation."

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.