EU should use US trade talks to win data privacy, say MEPs

MEPs have approved an inquiry report that calls for a new EU-US trade deal to be blocked unless the US fully respects EU citizens’ data privacy

The European Parliament should withhold its consent to an EU-US trade deal unless the US fully respects EU citizens’ data privacy, says an inquiry report on US internet surveillance of EU citizens.

The report text, approved by the Civil Liberties Committee on Wednesday also calls for data protection rules to be excluded from the trade talks and negotiated separately with the US.

“The fight against terrorism can never be a justification for untargeted, secret or even illegal mass surveillance programmes,” the report says.

Rapporteur Claude Moraes said the report brings together in-depth recommendations on whistleblower Edward Snowden's allegations of US National Security Agency (NSA) spying and plan for action.

“I hope that this document will be supported by the full parliament and that it will last beyond the next European Parliament's mandate,” he said after the vote.

By approving the document, Members of the European parliament (MEPs) are calling for a halt to US mass surveillance activities and the interception of communications in EU institutions and diplomatic missions.

They say finding a solution for data privacy rights of EU citizens, including administrative and judicial redress is also necessary before parliament can give consent to the final Transatlantic Trade and Investment Partnership (TTIP) deal with the US.

MEPs are also calling for the "immediate suspension" of the Safe Harbour privacy principles that cover voluntary data protection standards for non-EU companies transferring EU citizens’ personal data to the US. These principles “do not provide adequate protection for EU citizens” say MEPs, who want the US to propose new personal data transfer rules that meet EU data protection requirements.

The Terrorist Finance Tracking Programme (TFTP) deal should also be suspended until allegations that US authorities have access to EU citizens’ bank data outside the agreement are clarified, say MEPs.

The EU-US data protection framework agreement to be struck in spring 2014 must ensure proper judicial redress for EU citizens whose personal data are transferred to the US, they say.

The EU needs a “digital new deal”, to be delivered by the joint efforts of EU institutions, member states, research institutions, industry and civil society, say MEPs.

Within the EU, MEPs are calling on member states to accelerate their work on draft EU data protection reform legislation so that it can be passed by the end of 2014.

They say trust in US cloud computing and cloud providers has been damaged by surveillance practices, therefore Europe should develop its own clouds and IT solutions to ensure a high standard of personal data protection.

The approved document urges the European Commission (EC), the executive body of the EU, to examine whether a future EU law establishing a "European whistleblower protection programme" should also include other fields of EU competence, "with particular attention to the complexity of whistleblowing in the field of intelligence".

EU member states are also asked to consider granting whistleblowers international protection from prosecution.

The report says the UK’s detention of David Miranda and seizure of material in his possession under the UK Terrorism Act and its demand that the Guardian newspaper hand over or destroy such material possibly constitutes “serious interference with the right of freedom of expression and media freedom", as recognised by the European Convention on Human Rights and the EU Charter.

The report calls on the UK, France, Germany, Sweden, the Netherlands and Poland to clarify the allegations of mass surveillance, including potential agreements between intelligence services and telecoms firms on access to and exchange of personal data and access to transatlantic cables and their compatibility with EU laws.

Other EU countries are also urged to review their national laws and practices governing the activities of intelligence services to ensure that they are subject to parliamentary and judicial oversight and public scrutiny and that they comply with fundamental rights obligations.

The full parliament will vote on the inquiry report recommendations on 12 March in Strasbourg.

The Civil Liberties Committee inquiry into mass surveillance of EU citizens began in September 2013. A total of 15 hearings have been held since then.

Approval of the inquiry report coincided with proposals by the EC to reduce US influence over the way the internet is run, reports the Telegraph.

The EC wants control over vital decisions on internet governance to be handed over to panels made up of non-governmental organisations, countries, academics and private companies.

Draft proposals call for such an international group to replace the US-based Internet Corporation for Assigned Names and Numbers (ICANN), which manages the introduction of new top-level domains.

"The Internet should remain a single, open, free, unfragmented network of networks, subject to the same laws and norms that apply in other areas of our day-to-day lives. Its governance should be based on an inclusive, transparent and accountable multi-stakeholder model,” say the draft proposals.

The EC is pushing for Europe to play a greater role in defining the future of the internet.

China, Russia and their allies want greater government control over the internet, but the EU is proposing more international and decentralised oversight.

The likelihood of that happening will depend on reactions to the proposals from the EU's 28 member states.

However, commentators say there could be strong backing because confidence in US impartiality has been undermined by revelations of NSA internet surveillance.

Read more on Privacy and data protection