On Monday, a top official of the EU stated that the European Union is after guarantees of effective and strict limits on the power of US authorities to request the personal information of people from companies. This will bring about the conclusion of a new data pact between the EU and the US and the deadline given by privacy regulators in the European Union draws closer. Washington and Brussels have been locked in talks for two years now about coming up with a new framework aimed at protecting the data that’s shifted to the United States. The major sticking point has been getting sufficient assurances that the personal data of the Europeans will not be accessed by US spies indiscriminately once it has been moved across the Atlantic.
At a conference in Brussels, Vera Jourova, the EU Justice Commissioner said that they were seeking guarantees about the presence of effective judicial control, which would exercise control over the access to data by publish authorities for law enforcement, national security and public interest reasons. In October, the talks had taken a tone of urgency when the Safe Harbour framework that had been in effect for 15 years had been struck down by EU’s top court. This framework had been in use by more than 4000 companies for transferring the data of Europeans over the Atlantic with ease.
The reason behind the struck down was the possibility that US authorities would gain access to data on the grounds of national security. EU data protection authorities kicked the pressure up a notch when they gave a deadline till the end of January to both sides for coming up with a new framework for data protection and its transfer to the United States. If they fail to do so, enforcement action can be taken against the companies. The discussions would continue, according to Jourova, on the margins of the World Economic Forum based in Davos, Switzerland.
The EU Commissioner who deals with matters of digital affairs, Andrus Ansip will be meeting Penny Pritzker, the US Secretary of Commerce on Thursday. Jourova also said that the Commission also wants more transparency when it comes to restricting the US security services from collecting personal data. So far, the US negotiators have managed to resist the mandatory system for companies to report the number of access requests made by the US government. However, there is an alternative available, according to people familiar with the matter.
The EU can be informed by the United States about the frequency of US authorities’ requests for access as part of the new framework in the form of an annual review process. Under the data protection law of the European Union, the personal data of EU citizens cannot be transferred by companies to countries outside the 28-nation bloc including the United States, which have been deemed to have insufficient safeguards for privacy. A political storm had been caused in Europe two years ago, when Edward Snowden, former NSA contractor had revealed the mass surveillance programs of the US government.