The European Parliament has asked the Commission to reopen negotiations with the United States and shore up gaps in the Privacy Shield agreement.
A vast majority of MEPs approved a resolution today (26 May) that said the executive still needs to fix the data transfer deal, which allows US authorities to collect EU citizens’ data in bulk in some cases.
The Parliament’s opinion is not binding, but it does increase pressure on the Commission to boost privacy guarantees in the controversial agreement.
The executive came under fire after finishing negotiations over Privacy Shield in February. Critics say the deal will not stand up in the European Court of Justice, which knocked down the predecessor Safe Harbour agreement last October because it did not protect EU citizens’ data once it is sent to the US.
The executive is already running behind schedule – EU Justice Commissioner Vera Jourova and Digital Commissioner Günther Oettinger previously said they want the agreement to go into effect by the end of June. That can only happen after a group of diplomats from EU member states sign their approval.
euractiv.com previously reported that the diplomats were supposed to vote on Privacy Shield last week. But the group put off its final verdict and scheduled a slew of new meetings through until the end of June.
The Commission says it has already finished negotiating the agreement with US government officials but is still asking for clarification on some points.
The EU executive faces an uphill task. MEPs singled out bigger issues in the agreement that likely cannot be changed quickly, like bulk collection of data and intelligence agencies’ access.
Commission spokesman Christian Wigand said the Parliament asked for realistic changes and not a drastic renegotiation of the agreement.
“We’re working on exactly that in the final stretches,” Wigand said.
But the Parliament’s resolution asked the executive to “fully” take on criticism from national privacy watchdogs in EU member states, who slammed the agreement last month and asked for tighter rules on when US authorities can collect personal data in bulk.
Jourova told MEPs the Commission is “clarifying” details to make sure the new privacy ombudsman in the US State Department is independent. The executive is also asking for changes on how long EU citizens’ can be stored in the US after legal advisors said the agreement was not clear enough.
Jourova said she wants to have Privacy Shield “up and running by the summer” – a less precise deadline than the Commission’s previous goal of the end of June.
German MEP Jan Philipp Albrecht (Green) said many of the Parliament’s demands would need US laws to be changed. With only a few months left before a new president takes office, big changes will not meet Jourova’s deadline.
Albrecht submitted an amendment to the Parliament’s resolution asking the Commission to include a sunset clause that would make the Privacy Shield expire after a few years. But the amendment was rejected by a majority of MEPs.
“The bigger groups don’t want to be the ones that are beaten up for this agreement not going into force,” Albrecht said.
