The statements and follow-up of the Ministerial in Washington last week where the EU was represented by Vice President Viviane Reding and Commissioner Cecilia Malstrom, show signs of the US and the EU making attempts to work towards rebuilding trust, particularly in the context of data protection and privacy which, following the Snowden revelations (and other revelations of large-scale US intelligence collection programmes) earlier this year, have been in a state of disarray.
The European Commission, clearly on the back of this Washington meeting, issued a statement on 27th November last week identifying the actions that need to be taken in order to restore the trust in data flows between the two continents. In what might be described as a controversial stance, the European Commission took the view that any and all such actions taken need to ensure a high level of data protection of all citizens and that there should be an agreement to give EU citizens concrete and enforceable rights, even to the extent of rights to judicial redress in the US wherever their personal data are being processed in the US.
In essence the six main actions identified are the following:
- Adoption of the EU data protection reform (please click here) – sooner rather than later and by Spring 2014 at the latest
- Making Safe Harbour safer – an improved functioning of the Safe Harbour scheme found to be deficient in a number of areas
- Strengthening data protection safeguards in law enforcement – umbrella agreement regarding the transfers and processing of data in the context of police and judicial cooperation, ensuring a high level of data protection of citizens of both continents
- Mutual Legal Assistance and Sectoral Agreements – use of such agreements/programmes as the primary means for obtaining data rather than going to private companies directly
- US Reform process – ensure EU concerns are addressed within the review announced by President Obama of the US national security authorities activities
- Promotion of privacy standards internationally
A few of these actions, particularly the extension of safeguards available to US citizens to EU citizens even when not resident in the US may be seen as a step too far by some but the closer international collaboration and elevation of the importance of privacy and protection of personal data internationally is surely to be welcomed.