The Secure Times

An online forum of the ABA Section of Antitrust Law's Privacy and Information Security Committee

More International Reactions to the US Massive Intelligence Collection

Leave a comment

The revelation of the large-scale US intelligence collection program continues to bring about international reactions.  

United Nations

The Third Committee of the United Nations (Social, Humanitarian and Cultural) approved on November 26 a draft resolution on “The right to privacy in the digital age.” The draft will now advance to General Assembly voting.

 The General Assembly would call upon Member States to respect the right to privacy and to take measures to prevent its violation. They also would have to “review their procedures, practices and legislation regarding the surveillance of communications, their interception and collection of personal data, including mass surveillance, interception and collection, with a view to upholding the right to privacy by ensuring the full and effective implementation of all their obligations under international human rights law.

The General Assembly would also request the United Nations High Commissioner for Human Rights to write a report on the right to privacy in the context of domestic and extraterritorial surveillance and/or interception of digital communications and collection of personal data, including on a mass scale.

European Union Commission

In the European Union, the EU Commission published today a communication on “Rebuilding Trust in EU-US Data Flows.” The Commission noted that “the standard of protection of personal data must be addressed in its proper context, without affecting other dimensions of EU-US relations.”

This is why data protection standards will not be negotiated within the Transatlantic Trade and Investment Partnership (TTIP).

The Commission noted in the introduction that trust in the US/EU “has been negatively affected and needs to be restored” and that “[m]ass surveillance of private communication, be it of citizens, enterprises or political leaders, is unacceptable.”

The communication identified six steps which should be taken to restore trust in transatlantic data transfers:

Implement the EU Data Protection Reform

The proposed regulation has a wide territorial scope since companies not established in the EU would have to apply it if they offer goods and services to European consumers or monitor their behavior.

The regulation would also provide” clear rules on the obligations and liabilities of data processors such as cloud providers.” Surveillance programs affect data stored in the cloud, and companies providing cloud services asked to provide personal data to foreign authorities would not be able “to escape their responsibility” by arguing that they are mere data processors, not data controllers.

Making the Safe Harbor Safe

The Safe Harbor scheme has several weaknesses and that leads to some competitive disadvantages. For instance, some self-certified Safe Harbor members do not comply with its principles in practice. Also, some countries may decide to cease altogether data transfer on the basis of Safe Harbor.

Therefore,” the current implementation of Safe Harbor cannot be maintained.”However, it should be strengthened, not canceled.

The scheme would be more effective if certified companies would have more transparent privacy policies  and also if affordable dispute resolution mechanisms would be available to EU citizens.

Strengthening Data Protection Safeguards in the Law Enforcement Area

The current negotiations between the US and the EU on an “umbrella agreement” for transfers and processing of data in the context of police and judicial cooperation must be concluded quickly.

Using the existing Mutual Legal Assistance and Sectoral Agreements to Obtain Data

The Commission expressed hope that the US would commit that personal data held by private companies located in the EU will not be directly accessed and transferred to US law enforcement authorities outside of formal channels of cooperation, such as the Passenger Name Records Agreement and Terrorist Financing Tracking Program.

Addressing European Concerns in the On-Going U.S. Reform Process

President Obama has announced a review of U.S. national security authorities’ activities. This process should also benefit EU citizens by providing an opportunity to address the EU concerns about US intelligence collection programs.

Safeguards available to US citizens should be extended to EU citizens not resident in the US, and transparency should be increased and there should be better and stronger oversight.

Promoting Privacy Standards Internationally

The U.S. should accede to the Council of Europe’s Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, the “Convention 108”, which is open to countries which are not member of the Council of Europe. The US has already acceded to the 2001 Convention on Cybercrime.

The press release about this communication is available here.

Advertisements

Author: marieandreeweiss

Marie-Andrée was educated in France and in the United States, and holds law degrees from both countries. She is fully bilingual English-French, and writes articles regularly in these two languages on various privacy-related topics. Marie-Andrée is a member of the Bar of the State of New York. As an attorney in solo practice, she focuses on intellectual property, First Amendment, privacy, and Internet-related issues. Before becoming an attorney, she worked several years in the fashion retail industry, as a buyer then a director of marketing. She is a member of the New York State Bar Association (Intellectual Property Section and International Section), and of the American Bar Association (Business Law Section, Section of Antitrust Law, and Section of Intellectual Property Law)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s