Tuesday

14th Aug 2018

Hundreds of US companies make false data protection claims

  • Data visualisation map for one client by internet firm LinkedIn (Photo: luc legay)

Hundreds of US-based companies handling EU citizens' data have lied about belonging to a data protection arrangement known as the Safe Harbour Framework.

Christopher Connolly, a director at Galexia, an Australian-based consulting company on internet law and privacy, told the European Parliament’s civil liberties committee on Monday (7 October) that “many claims of Safe Harbour membership are false.”

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 18 year's of archives. 30 days free trial.

... or join as a group

He said around one out of every seven Safe Harbour claims of membership are bogus.

The Safe Harbour agreement, hammered out in 2000 between the European Commission and the US Department of Commerce, is supposed to ensure that firms follow EU data protection laws when processing the personal data of EU citizens.

Just under 3,000 companies have signed up to the self-certification scheme, which is only enforceable once the company makes a promise to adhere to a handful of privacy principles.

Companies are also entitled to limit the scope to cover only human resource data, or consumer data, or just offline data.

Galaxia research found over 200 false claims in 2008. This had increased to 427 in September 2013.

“In those 427 organisations, you will find large household names in Europe, with hundreds of millions of customers,” Connolly said.

He added that some of the companies place unauthorised Safe Harbour seals and logos on their website without ever having signed up to the framework in the first place.

The unauthorised visual symbols often have the word ‘EU’ or the European flag on the seal.

“These are simply very low quality and false representations of the actual membership of the Safe Harbour,” Connolly noted.

Over 10 percent of companies that make a false claim of Safe Harbour membership display the US department of commerce Safe Harbour logo on their website.

Privacy advocates have for years asked the Federal Trade Commission (FTC), which enforces Safe Harbour, to address the false claims but with little success.

The FTC has filed six cases of false claims against minor companies and did not sanction any of them.

Around 30 percent of all companies do not provide any information on dispute resolution options, contrary to the Safe Harbour rules. Others who display resolution options point to agencies that charge thousands of dollars to file a complaint.

Over 460 members cite the American Arbitration Association as their dispute resolution provider, which charges the person filing the complaint between $120 and $1,200 per hour with a four-hour minimum charge plus a $950 administration fee.

Meanwhile, Safe Harbour has no provisions to stop NSA-type activities from snooping on EU citizens.

Financial records, data records, travel records, and data and voice carried by US telecommunications providers are excluded from Safe Harbour jurisdiction.

“It would be dangerous to rely on Safe Harbour to manage any aspect of the specific national security issue we face now without first addressing the broader issue of false claims and non-compliance,” Connolly said.

The European Commission, for its part, said it is possible the agreement contains loopholes.

It noted, a few weeks after former NSA agent turned whistleblower Edward Snowden leaked secret documents to the Washington Post and the Guardian, that US data protection standards are lower than in the EU.

"The Safe Harbour agreement may not be so safe after all,” said EU commissioner for Justice Viviane Reding in July.

The commission is set to come out with an assessment report on Safe Harbour before the end of the year.

The FTC, for its part, says the agreement ensures the safe transfer of data of EU citizens.

“We think it is a great way for us to protect European citizens when we are doing a case involving a US company,” FTC commissioner Julie Brill told reports in Brussels in March.

EU privacy bill - one-stop shop

For her part, Reding also on Monday in Luxembourg said "an overwhelming majority" of EU justice ministers gave her "a very strong political endorsement" on a separate EU data privacy bill.

Under the draft law, EU citizens who want to complain about data-mishandling by internet firms, such as Facebook or Google, which have their EU seats in Ireland, can appeal to their national data chiefs instead of trying to reach the more remote Irish authorities.

On the other side, companies can tackle EU-wide data cases through the data chief in the EU country in which they have their HQ, instead of dealing with 28 different EU authorities.

Reding said her officials will draft a final version of the bill in December, with a view to adoption before EU elections in May 2014.

EU Commission skirts Italy sanctions on Roma evictions

The European Commission, as guardian of the treaties, declines to sanction Italy's treatment of the Roma following a forced eviction on Thursday of some 300 from a camp in the outskirts of the Italian capital.

News in Brief

  1. Malta to allow Aquarius migrants to disembark
  2. Juncker sends condolences over Genoa bridge collapse
  3. EU pledges €500,000 more for Indonesian earthquake island
  4. EU commission in talks with states on new Aquarius migrants
  5. Man held after car crashes into UK parliament security barrier
  6. Brexit delays better readability of medicines' instructions
  7. Masked youths set dozens of cars alight in Sweden
  8. Spain and Italy refuse new Aquarius-rescued migrants

Opinion

The systemic risk that Europe has to face

One of the biggest systemic risks across Europe, illustrated by Hungary and Poland, is the dominance of the executive power over the judiciary and informal channels of political dependency.

Schengen at stake in Austria-Germany talks

German interior minister Horst Seehofer is in Vienna on Thursday - as his plan to reject some asylum seekers was met by an Austrian threat to close its borders too.

Stakeholders' Highlights

  1. ACCACompany Law Package: Making the Best of Digital and Cross Border Mobility,
  2. IPHRCivil Society Worried About Shortcomings in EU-Kyrgyzstan Human Rights Dialogue
  3. UNESDAThe European Soft Drinks Industry Supports over 1.7 Million Jobs
  4. Mission of China to the EUJointly Building Belt and Road Initiative Leads to a Better Future for All
  5. IPHRCivil society asks PACE to appoint Rapporteur to probe issue of political prisoners in Azerbaijan
  6. ACCASocial Mobility – How Can We Increase Opportunities Through Training and Education?
  7. Nordic Council of MinistersEnergy Solutions for a Greener Tomorrow
  8. UNICEFWhat Kind of Europe Do Children Want? Unicef & Eurochild Launch Survey on the Europe Kids Want
  9. Nordic Council of MinistersNordic Countries Take a Stand for Climate-Smart Energy Solutions
  10. Mission of China to the EUChina: Work Together for a Better Globalisation
  11. Nordic Council of MinistersNordics Could Be First Carbon-Negative Region in World
  12. European Federation of Allergy and AirwaysLife Is Possible for Patients with Severe Asthma

Latest News

  1. EU commission steps up legal case against Poland
  2. Separation of powers instead of 'Spitzenkandidat' process
  3. Revealed: ExxonMobil's private dinner with Cyprus' top EU brass
  4. What Salvini teaches us about Operation Sophia
  5. 14 lobbyist meetings with Oettinger and Canete went unminuted
  6. UK poll suggests Brits would now vote Remain
  7. Some EU states face delays in 5G preparation
  8. Nordic and Baltic farmers urgently need EU support

Stakeholders' Highlights

  1. PKEE - Polish Energy AssociationCommon-Sense Approach Needed for EU Energy Reform
  2. Nordic Council of MinistersNordic Region to Lead in Developing and Rolling Out 5G Network
  3. Mission of China to the EUChina-EU Economic and Trade Relations Enjoy a Bright Future
  4. ACCAEmpowering Businesses to Engage with Sustainable Finance and the SDGs
  5. Nordic Council of MinistersCooperation in Nordic Electricity Market Considered World Class Model
  6. FIFAGreen Stadiums at the 2018 Fifa World Cup
  7. Mission of China to the EUChina and EU Work Together to Promote Sustainable Development
  8. Counter BalanceEuropean Ombudsman Requests More Lending Transparency from European Investment Bank
  9. FIFARecycling at the FIFA World Cup in Russia
  10. Nordic Council of MinistersOECD Report: Gender Equality Boosts GDP Growth in Nordic Region
  11. Centre Maurits Coppieters“Peace and Reconciliation Is a Process That Takes Decades” Dr. Anthony Soares on #Brexit and Northern Ireland
  12. Mission of China to the EUMEPs Positive on China’s New Measures of Opening Up

Join EUobserver

Support quality EU news

Join us