© The Financial Times Ltd 2015 FT and 'Financial Times' are trademarks of The Financial Times Ltd.
November 25, 2013 5:17 pm
Brussels is to warn Washington that US tech companies risk losing their exemption from privacy rules unless the US changes the way it treats EU citizens’ online data.
A European Commission review of the “safe harbour” pact that allows US technology groups such as Google, Facebook and Microsoft to operate in Europe without EU oversight will conclude that Washington has improperly forced US companies to hand over European customers’ data. It also says that breaches of the data deal have given US tech companies a competitive advantage over European rivals.
Although the review, which will be unveiled on Wednesday, stops short of calling for the safe harbour agreement to be scrapped, its wording signals that the EU will move in that direction unless the US changes the way that it uses data held by companies on EU citizens.
A scrapping of the safe harbour deal is one of the most formidable weapons the EU has in its arsenal to punish the Obama administration after claims of snooping on Europeans by the National Security Agency.
Such a move would wreak havoc for any US tech company doing business in Europe – especially Google, Facebook and Microsoft, which rely on the agreement to transfer customers’ data seamlessly between countries.
“The personal data of EU citizens sent to the US under the ‘safe harbour’ may be accessed and further processed by US authorities in a way incompatible with the grounds on which the data was originally collected,” says a draft version of the review obtained by the Financial Times.
“The commission has the authority . . . to suspend or revoke the safe harbour decision if the scheme no longer provides an adequate level of protection,” the review adds.
Ending safe harbour and subjecting US companies to European privacy laws would put them in a legal bind over NSA requests for information about European citizens. Under US law they would still be forced to hand over the information, provided the request was backed by an order from the secret foreign intelligence surveillance court but doing so would breach their extra responsibilities in Europe.
Internet companies say the conflict would force them to ringfence EU operations and hold data about the bloc’s citizens in new legal entities there, creating separate islands of data that would lessen the efficiency of their operations and risk balkanizing the internet into separate regional networks.
Analysis of revelations about the extent of the surveillance state in the US
US officials have been trying to mollify European concerns about the NSA spying scandal through a bilateral working group chaired by Eric Holder, the US attorney-general, and Viviane Reding, the EU’s justice commissioner.
But the findings of the safe harbour review will dent US hopes of finding a quiet solution to the dispute and reflect growing political pressure in Germany and the European Parliament to take a harder stand with Washington.
Indeed, the report states that the Holder-Reding working group has confirmed EU fears that its “citizens do not enjoy the same rights and procedural safeguards as Americans.”
Brussels will give the US time until spring to address its concerns. If Washington fails to do so the commission will come under immense political pressure to end the safe harbour agreement.
The European Parliament last month called for the suspension of sharing global financial data processed through the Belgium-based Swift consortium, following claims that US spies had collected information directly without EU consent.
However, the commission’s findings concluded that the US had not breach the Swift agreement, which is used to track terrorists’ transactions.
Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.
Sign up for email briefings to stay up to date on topics you are interested in