Wednesday

6th Jul 2022

Commission downplays Parliament EU-US data privacy concerns

  • MEPs are worried that US subpoenas could force EU companies to disclose personal data (Photo: The Planet)

Justice Commissioner Viviane Reding has insisted that US authorities cannot override EU laws on data privacy, following concerns expressed by MEPs that certain US laws and legal subpoenas could force EU companies to disclose personal data to US law enforcement agencies.

Speaking on Wednesday night in a debate called by Liberal MEPs in Strasbourg, Commissioner Reding told MEPs that “any processing of personal data in the EU has to respect the applicable EU data protection law”, adding that a US law enforcement authority would have to use “existing channels of cooperation and mutual legal assistance agreements” if they wanted data and information from companies in the EU.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

In an oral question to the Commission, liberal MEPs drew attention to US legislation, including the Medicare Act and the Patriot Act, which, they said, could require the submission of personal data stored in Europe to the US authorities.

Asking the Commission whether transferring personal data to third countries constituted a violation of EU data protection rights they also questioned what action the Commission would take with the US authorities and what it would do to ensure that third country legislation did not take precedence over EU law.

Dutch Liberal MEP Sophie In’t Veld opened the debate by emphasising the need for certainty that “our own European laws always apply within Europe, or whether they could be overruled by third country laws”.

She said that because the US considered its jurisdiction to extend beyond its borders, US law could have “extra-territorial effect within Europe”.

Simon Busuttil, spokesman for the centre-right EPP group on the civil liberties and justice committee, commented that it would be “ironic if it were easier for third countries to process European citizens’ data in their territory than for European entities to do so in Europe.”

That is not acceptable for our citizens and, of course, cannot be acceptable to our Chamber, which is why we have to work together to find workable solutions,” he added.

Despite Commissioner Reding's reply, In’t Veld maintained her concerns about the legal framework, referring to the possible use of subpoenas requiring the US operation of an EU-based company to disclose data stored in Europe.

“This is not through a mutual legal assistance treaty; this is a company which has an operation in the US and is being obliged to provide data stored in the EU,” she stated, asking how the Commission would protect such companies.

Last month the Commission unveiled proposals to radically overhaul the EU’s fifteen year old data protection legislation, and give citizens more control over the use of their data.

They included a ‘right to be forgotten’ clause, whereby consumers can require companies to delete their data. The new proposal sets down heavy fines for companies guilty of breaching data privacy of up to €1 million or 2 per cent of global annual revenue.

US envoy talks down fears on internet snooping

A senior US official has tried to dispel the notion that post-9/11 America abuses internet privacy, as EU law-makers and civil liberties activists look to the future of web policing.

IT bugs haunt work of EU fraud busters

EU efforts to fight fraud have been hampered by bugs and delays in an €29m IT system meant to help manage investigations more efficiently.

Opinion

The Digital Services Act — a case-study in keeping public in dark

Companies and lobby groups like Spotify, Google and International Federation of the Phonographic Industry (IFPI) were able to lobby member states using live knowledge of the trilogue discussions on content-ranking systems, advertising and liability for search engines.

Stakeholder

The CPDP conference wants multidisciplinary digital future

During the Computers, Privacy and Data Protection (CPDP) conference, many high-level discussions will touch upon the dynamics of decision-making in the design of new technologies, including the importance of inclusion, diversity, and ethics perspectives within these processes.

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic and Canadian ministers join forces to combat harmful content online
  2. Nordic Council of MinistersNordic ministers write to EU about new food labelling
  3. Nordic Council of MinistersEmerging journalists from the Nordics and Canada report the facts of the climate crisis
  4. Council of the EUEU: new rules on corporate sustainability reporting
  5. Nordic Council of MinistersNordic ministers for culture: Protect Ukraine’s cultural heritage!
  6. Reuters InstituteDigital News Report 2022

Latest News

  1. Keeping gas as 'green' in taxonomy vote only helps Russia
  2. 'War on Women' needs forceful response, not glib statements
  3. Greece defends disputed media and migration track record
  4. MEPs adopt new digital 'rule book', amid surveillance doubts
  5. 'World is watching', as MEPs vote on green finance rules
  6. Turkey sends mixed signals on Sweden's entry into Nato
  7. EU Parliament sued over secrecy on Nazi MEP expenses
  8. Italy glacier tragedy has 'everything to do' with climate change

Join EUobserver

Support quality EU news

Join us