Wednesday

6th Jul 2022

US embassy defends 'invalid' EU data pact

  • The case was brought against Facebook Ireland (Photo: Maurizio Pesce)

The United States has spoken out against a European Court of Justice opinion which invalidated a 15-year old data-sharing pact.

The US embassy to the EU on Monday (28 September) said a preliminary judgment by Yves Bot, the court’s advocate general, was based “on numerous inaccurate assertions about intelligence practices of the United States".

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

  • Facebook data centre in the United States (Photo: Tom Raftery)

It said US intelligence gathering is targeted and does not engage in "indiscriminate surveillance of anyone, including ordinary European citizens."

The EU-US data agreement - Safe Harbour - is supposed to “ensure an adequate level of [data] protection” whenever the personal data of EU nationals is transferred to firms based in the US.

Over 3,000 US companies have signed up to the self-certification scheme, which is enforced by the US Federal Trade Commission.

But it has come under pressure following Edward Snowden revelations in 2013 that the US spy hub, the National Security Agency, engaged in massive and indiscriminate surveillance of EU citizens.

The case stems from a complaint lodged by Austrian national Max Schrems against Facebook in Ireland.

Schrems says Safe Harbour cannot ensure an adequate level of protection of personal data because Facebook Ireland transfers data back to the United States.

Ireland’s data protection authority had Schrems’ complaint dismissed because Facebook is signed up to Safe Harbour. Schrems appealed and the High Court of Ireland asked the European of Court of Justice to intervene.

Last week, the Luxembourg-court's advocate general Yves Bot delivered a blow against the data sharing agreement.

He said in an opinion that national authorities should be able to suspend the transfer of data to the US regardless of Safe Harbour.

He also said they are entitled to investigate whether the US actually provides “an adequate level of protection”.

He then described US intelligence access to the data as “interference with the right to respect for private life and the right to protection of personal data.”

Bot’s opinion is important because it influences how the EU court may rule its final judgment.

One study showed that hundreds of US-based companies handling EU citizens' data have lied about belonging to Safe Harbour.

Viviane Reding, who was EU commissioner for justice at the time of the Snowden revelations, said Safe Harbour needs to be strengthened or “it will be suspended.”

The commission has since issued 13 recommendations for the United States on how to improve it. But the Americans are refusing to budge on the pact’s national security exemptions.

The US embassy to the EU, for its part, says bilateral discussions on how to improve the pact means it is not “inadequate” as described by Bot.

“On the contrary, the framework was conceived as a living document, and this is not the first time that the two sides have engaged to improve its operation”, said the embassy in a statement.

EU-US data sharing at risk

Future EU-US data sharing risks complications if the EU Court follows the opinion of Yves Bot, its attorney general, issued on Wednesday.

IT bugs haunt work of EU fraud busters

EU efforts to fight fraud have been hampered by bugs and delays in an €29m IT system meant to help manage investigations more efficiently.

EU reaches deal on flagship cybersecurity law

The European Parliament and EU member states have reached an agreement over new rules intended to protect Europe's public and private critical entities from cyberattacks.

Opinion

The Digital Services Act — a case-study in keeping public in dark

Companies and lobby groups like Spotify, Google and International Federation of the Phonographic Industry (IFPI) were able to lobby member states using live knowledge of the trilogue discussions on content-ranking systems, advertising and liability for search engines.

Stakeholder

The CPDP conference wants multidisciplinary digital future

During the Computers, Privacy and Data Protection (CPDP) conference, many high-level discussions will touch upon the dynamics of decision-making in the design of new technologies, including the importance of inclusion, diversity, and ethics perspectives within these processes.

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic and Canadian ministers join forces to combat harmful content online
  2. Nordic Council of MinistersNordic ministers write to EU about new food labelling
  3. Nordic Council of MinistersEmerging journalists from the Nordics and Canada report the facts of the climate crisis
  4. Council of the EUEU: new rules on corporate sustainability reporting
  5. Nordic Council of MinistersNordic ministers for culture: Protect Ukraine’s cultural heritage!
  6. Reuters InstituteDigital News Report 2022

Latest News

  1. Keeping gas as 'green' in taxonomy vote only helps Russia
  2. 'War on Women' needs forceful response, not glib statements
  3. Greece defends disputed media and migration track record
  4. MEPs adopt new digital 'rule book', amid surveillance doubts
  5. 'World is watching', as MEPs vote on green finance rules
  6. Turkey sends mixed signals on Sweden's entry into Nato
  7. EU Parliament sued over secrecy on Nazi MEP expenses
  8. Italy glacier tragedy has 'everything to do' with climate change

Join EUobserver

Support quality EU news

Join us