US cloud snoops pose questions for EU cybercrime body
The EU's new cybercrime centre is to be officially launched at the end of the week, but privacy specialists say the Union is failing to protect personal data.
The Danish chief of the new body, Troels Oerting, told reporters in Brussels on Wednesday (9 January) its main task will be to help member states stop paedophiles who scour the net to entrap children.
Dear EUobserver reader
Subscribe now for unrestricted access to EUobserver.
Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.
- Unlimited access on desktop and mobile
- All premium articles, analysis, commentary and investigations
- EUobserver archives
EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.
♡ We value your support.
If you already have an account click here to login.
It will also tackle online fraud, such as stolen bank details, identify theft and malware.
Oerting noted that other EU agencies, private firms and academics will sit on the board to give expert advice.
"We have increased our co-operation with Microsoft, with Google, with Twitter and with other agencies," he said.
The centre is currently staffed with 30 experts, with plans to add another 10 in the course of this year. It is to become fully operational by 2015. But Oerting hopes to deliver initial results on paedophile groups by the end of 2013.
For her part, EU home affairs commissioner Cecilia Malmstrom welcomed the new body.
"It will be a very much needed tool to complement and support the work done by EU national law enforcement authorities to fight cybercrime," she said alongside Oerting at Wednesday's briefing.
But some rights groups are worried the EU is ignoring the US as a potential threat to data privacy in its quest to catch online criminals.
US authorities in late December extended their Foreign Intelligence and Surveillance Amendments Act (FISAA) for another five years.
The law entitles American authorities to compel US companies in possession of EU citizens' data stored on their clouds to hand over the information if requested, regardless of EU data protection laws.
"Europe stands on the brink of an irreversible loss of data sovereignty if we don't develop a major new industrial policy for Clouds that can be solely under EU jurisdiction," Gus Hosein, the head of the UK-based NGO Privacy International told this website by email.
A recent study by the European Parliament has also noted that FISAA allows mass surveillance of non-US citizens' cloud-stored information.
"It is lawful in the US to conduct purely political surveillance on foreigners' data accessible in US clouds," the report says.
Oerting said his new centre will not address the US question, however.
"We will not deal with this specific act. The [centre] is here to serve the member states, so what is happening in the member states we will try to support," he explained.
He later told EUobserver that EU consumers should carefully choose where they decide to store their data and make sure it’s in a jurisdiction that affords them the greatest protection.