Pending the approval of the EU's rotating presidency, Brussels will start negotiations with the US aimed at reconciling a transatlantic divide in the protection of citizens' personal data. The talks mark a U-turn in the bloc's approach to EU-US anti-terror investigations.
The EU has gone back to the drawing board to reconcile gaps between EU and US laws on data protection after the European Parliament refused to back previous transatlantic agreements on sharing citizens' financial data and their passenger flight records in anti-terror investigations.
The European Commission yesterday (26 May) announced it had drafted a mandate – a text for negotiation –outlining the kinds of right it will be seeking for EU citizens whose data is accessed by US authorities.
"Fundamental rights must be protected and respected at all times. I want an EU-US agreement that protects personal data rights while fighting crime and terrorism, said European Commission Vice President for Justice, Fundamental Rights and Citizenship Viviane Reding.
The agreement would give EU citizens the right to access, rectify or delete data where appropriate, according to a statement from the Commission.
New draft to delay agreement
Observers say the change in the Commission's attitude comes after the European Parliament in February overwhelmingly voted against the terms of a previous agreement on sharing financial data – the SWIFT agreement, named after the company that stores the data on its servers (EurActiv 11/02/10).
Commissioner Reding will present the draft mandate both to the EU's current Spanish Presidency and the European Parliament next week.
Under pressure from American authorities over a widening security gap in terror investigations, the Commission had initially intended to have a new agreement signed by the summer.
A spokesperson said the new draft mandate would likely push an agreement back to 2011 because getting a deal with the US would take "a great deal of negotiation".
Dutch MEP takes on Homeland Security
MEPs' concerns over how data is used in the US intensified after a Dutch MEP went head to head with the US Department of Homeland Security (DHS) last year.
Sophie In 't Veld, a liberal MEP, petitioned the US authorities to let her look into her passenger name records and asked the DHS and the FBI to explain the meaning of a swathe of inexplicable codes attached to her records.
When none of that worked, she took the agencies to court, where a judge ruled that the DHS had done enough to satisfy In 't Veld's request.
SWIFT is a Belgium-based private company that handles the banking transactions of thousands of banks, including most European ones.
Following the September 11 terrorist attacks in 2001, the US government used the new Terrorist Finance Tracking Programme (TFTP) to force SWIFT's American branch (which mirrors all data based in Belgium) to allow US officials access to all bank transactions in order to help anti-terrorism operations.
In a show of newly-gained power under the Lisbon Treaty, in February 2010, the European Parliament blocked an interim SWIFT data-sharing agreement negotiated by the European Commission and the US Treasury (EurActiv 11/02/10).
Some European political groups, notably the liberal faction in the Parliament, have repeatedly criticised the agreement as "not only a restraint on European sovereignty but a massive intrusion into every single European citizen's privacy".
In May 2010, MEPs gave the Commission their approval to re-launch talks with the US on the agreement provided the new terms established an equivalent EU-based authority to gather the financial data of anti-terror suspects (EurActiv 05/05/10)
- 3-4 June: EU justice ministers to meet in Brussels to discuss Commission proposal.
- European Commission: Press release on new privacy standards in EU-US data protection agreement [FR] [FR] [DE]
- European Parliament: MEPs reject the SWIFT agreement