The European Union wants to enhance the power of the bloc’s national privacy regulators in policing a planned new EU-U.S. data pact after the previous one was struck down by a top EU court on concerns about mass U.S. surveillance.

Brussels and Washington are locked in negotiations to forgea new framework enabling data transfers from Europe to theUnited States, which are otherwise subject to cumbersome andlengthy legal processes under EU data protection law.

The previous pact, known as Safe Harbour and used by over4,000 U.S. and European companies, was declared invalid by theEuropean Court of Justice in October because U.S. nationalsecurity needs trumped the privacy of Europeans’ data.

To address the court’s concerns, particularly that Europeans do not have legal channels to challenge misuse of their data, the Commission is looking for ways to involve European privacy watchdogs more deeply, according to three people familiar with the matter.

The U.S. Federal Trade Commission (FTC) was responsible for monitoring companies’ compliance with the Safe Harbour privacy principles, although it does not deal with complaints from individuals.

A bigger role for European watchdogs would allow citizens to complain directly to their national authorities, the sources said.

A similar mechanism existed in the old Safe Harbourframework for human resources data which are often sensitive.

U.S. companies handling Europeans’ human resources data hadto commit to cooperating with European data protectionauthorities in case of complaint. “That’s one issue to play around with,” said one of thepeople on condition of anonymity.

However, there is no agreement yet and differences remain over how the European regulators would cooperate with the FTC to avoid giving the EU extraterritorial powers.

The European Commission and the U.S. Mission to the EU declined comment.

The Safe Harbour system allowed companies to self-certifythat they complied with EU privacy law when transferring EUcitizens’ personal data to countries deemed to have insufficientsafeguards, which include the United States.

Both U.S. and EU companies shuffle personal data across theAtlantic on a daily basis, whether employee data formultinationals or user data collected by internet companies foruse in the billion-dollar online advertising market.

But the system came under strain in 2013 after former U.S.National Security Agency contractor Edward Snowden leakeddetails of U.S. government spying programmes.

Brussels has committed to wrapping up the talks by the endof January but is looking for further guarantees from Washingtonthat U.S. authorities will not access Europeans’ data on awholesale basis, something that has drawn out thenegotiations.

(Editing by Adrian Croft; julia.fioretti@thomsonreuters.com)

This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.

Related Posts

Facebook Comments

Return to Top ▲Return to Top ▲