Wednesday

28th Sep 2022

EU data chiefs failed to report US privacy complaints

  • Anti-snooping mural in London (Photo: nolifebeforecoffee)

The US top privacy enforcer Jessica Rich on Wednesday (21 October) said EU national data protection authorities did little to help crack down on violations under Safe Harbour.

Rich is the bureau director at the US Federal Trade Commission (FTC).

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

The FTC oversaw Safe Harbour, an invalidated 15-year old scheme that was supposed to make sure US firms applied European privacy standards when dealing with the personal data of EU citizens.

Rich said European national data authorities were supposed to alert the FTC of any possible violations under the scheme but they seldom did.

“During the entire time we were enforcing the Safe Harbour, we had gotten only four referrals”, she told reporters in Brussels.

Rich said she had met and asked her European counterparts at various conferences to send the FTC complaints but her advice was not followed.

“The referral process was not working and at a certain point, we decided to start looking for Safe Harbour violations ourselves”, she said.

One independent study found hundreds of US firms had made false claims they belonged to self-certification scheme.

Rich said the FTC acted on some of them after being informed.

The FTC had filed 40 cases over the 15 years. All were settled out of court.

“We alleged a couple of years ago that Google violated its order and in fact it then paid a $22.5 million penalty”, she said.

Max Schrems

The European Court of Justice in Luxembourg earlier this month scrapped the pact following a lengthy legal battle between Facebook and Austrian privacy campaigner Max Schrems.

Schrems had initially filed a complaint with Ireland’s data protection commissioner but was told his case was “frivolous”. He then took it to Ireland's high court, which referred the case to Luxembourg.

Schrems had said Facebook, which has its international headquarters based in Dublin, could not guarantee the privacy of his data stored in the United States because of US-led mass surveillance.

The 29-year old PhD student told this website that it is an issue of European data protection authorities “not doing their jobs in all countries properly”.

“I just know that the Irish have a memorandum of understanding with the FTC so apparently they know each other and even there they were not able to refer my complaint”, he said.

Safe Harbour 2.0

Several thousand US firms, including giants like Apple, Facebook, Google, had signed up to Safe Harbour.

With the agreement now scrapped, many are faced with a legal dilemma on how transfer and process data from the EU.

Those who relied only on Safe Harbour will now have to use alternative transfer methods like model contractual clauses. Model contracts, which contain data protection provisions, have to be either approved by an EU data protection authority or the European Commission.

Meanwhile, the European commission and its US counterparts have spent the past two years negotiating a new Safe Harbour agreement.

The Brussels-executive had issued 13 recommendations for the US but the Americans refuse to budge on national security issues.

The FTC is negotiating the points related to commerce but Rich refrained from discussing the national security aspects of the talks.

Schrems, for his part, said he doubts a new Safe Harbour will change anything.

“If we find an agreement, it is very likely that the Safe Harbour will be challenged in the court again,” he said.

He is now looking at other companies alleged to have collaborated with the US National Security Agency in the lead up to the mass surveillance revelations in 2013 “just to see if we get cases rolling there”.

“This is not a bashing the US case, this is a mass surveillance issue", he said.

EU imposes deadline for new US data pact

The European Commission is using the European Court of Justice ruling on Safe Harbour as a leverage to get a new deal with American authorities.

US firms ignoring EU court ruling on data, Schrems warns

Facebook and other big US firms have no intention of respecting the landmark ruling by the EU's highest court on data transfers to the US. The court in July dramatically scrapped Privacy Shield, citing US surveillance concerns.

Cyber-risk from Internet of Things prompts new EU rules

With evermore connected devices on the market, new EU rules aim to minimise cybersecurity risks from innocuous household appliances and industrial operating systems — amid concern over the increasing number of cyberattacks and their cost for companies.

EU parliament spyware inquiry eyes Italian firms

An investigation by Lighthouse Reports and media partners including EUobserver found Italian firms Tykelab and RCS Lab were using surreptitious phone network attacks and sophisticated spyware against targets. The findings have spiked the interest of MEPs already probing spyware abuse.

Opinion

The Greek Watergate

In the European Parliament hearing into espionage against Greek politicians and reporters, the spied-upon journalists recounted their experiences — but the non-answers provided by the Greek government official were embarrassing, confrontative, and institutionally vacant.

Investigation

NSO surveillance rival operating in EU

As European Parliament hearings into hacking scandals resume this week, an investigation led by Lighthouse Reports with EUobserver, Der Spiegel, Domani and Irpimedia reveals the unreported scale of operations at a shady European surveillance outfit.

News in Brief

  1. EU okays €21bn Covid-recovery funding for Italy amid concern
  2. Greece pitches new EU fund to tackle energy prices
  3. Hungary says sanctions 'harming Europe more than Russia'
  4. France aims to start building new nuclear reactors by 2027
  5. Polish PM thinks it's 'clear' Nord Stream leaks are act of sabotage
  6. Former Jobbik MEP sentenced to prison for Russia spying
  7. There is a 'really big hole' in the Nord Stream pipeline
  8. Danish PM suspects Nord Stream leaks may be sabotage

Stakeholders' Highlights

  1. UNESDA - Soft Drinks EuropeCall for EU action – SMEs in the beverage industry call for fairer access to recycled material
  2. Nordic Council of MinistersNordic prime ministers: “We will deepen co-operation on defence”
  3. EFBWW – EFBH – FETBBConstruction workers can check wages and working conditions in 36 countries
  4. Nordic Council of MinistersNordic and Canadian ministers join forces to combat harmful content online
  5. European Centre for Press and Media FreedomEuropean Anti-SLAPP Conference 2022
  6. Nordic Council of MinistersNordic ministers write to EU about new food labelling

Latest News

  1. Underwater explosions were detected near Nord Stream leaks
  2. EU countries stall new pesticide rules, blame Ukraine war
  3. The UN's Uyghur report must push EU into China sanctions
  4. Russian diamonds ban 'would cost 10,000 jobs', Antwerp claims
  5. EU should admonish less, and listen more, to the Global South
  6. Foul play suspicions in Nord Stream leaks
  7. 'Collective guilt' — the dilemma of penalising Russia's opposition
  8. Europe's far-right celebrates Meloni victory

Join EUobserver

Support quality EU news

Join us