by: Tom Corelis
Treaty could redraw privacy climate on both sides of the Atlantic
The United States Department of Homeland Security (DHS) may soon have access to private data on European citizens, thanks to a new transatlantic treaty nearing the long road towards ratification.
Brokered by “high-level contact groups” between U.S. and European security officials, the data-sharing pact could give DHS officials access to credit card, travel and even internet browsing histories of EU citizens for antiterrorism purposes, such as screening airline manifests for suspicious passengers.
An internal report seen by the New York Times says that the treaty was drawn up due to the stark differences in privacy laws between the United States and EU member nations. Strict data-sharing regulations in Europe make it difficult for American investigators to hunt for suspicious activity, creating heady disputes that “frayed” diplomatic relations and “required difficult negotiations to resolve.”
One of the biggest remaining snags revolves around how Europeans can seek redress for mistakes by the U.S. Europe wants to allow its citizens the ability to sue the U.S. government when action is taken against them due to faulty data, in a similar fashion afforded to both U.S. and EU citizens in their own countries. The Bush Administration, which seeks to finish the treaty and have it signed before leaving in January, would rather have complaints addressed administratively due to the fact that granting EU citizens the right to sue would require new, time-consuming legislation.
Combined with a recent European push towards monitoring the activity of its citizens – a feat previously unworkable due to a lack of technological advancement – a data-sharing agreement could result in the U.S. acquiring large amounts of data on EU citizens collected by newly-mandated surveillance systems.
A number of European countries voiced objections to the accord, citing a variety of violations to their respective privacy laws – which are typically far stricter than laws in the U.S. Further compounding differences between U.S. and EU privacy laws is the question of oversight -- European governments employ independent public agencies to oversee privacy enforcement, whereas the U.S. handles such tasks internally. As it stands right now, it appears the European government will concede the point due to its finding the U.S. government’s internal oversight and accountability to be more than sufficient for handling EU data.
“The reason it’s a big deal is that it is going to lower the whole transaction cost for the U.S. government to get information from Europe,” said University of California, Berkeley law professor Paul M. Schwartz. “Most of the negotiations will already be completed. They will just be able to say, ‘Look, we provide adequate protection, so you’re required to turn it over.’”
The treaty includes exemptions for certain kinds of data, including information that tells a person’s political opinions, race, religion, health or “sexual life” – but only if domestic law fails to provide “appropriate safeguards.”
UK newspaper The Guardian points out that the French government, which will gain six-month presidency of the EU today, is keen to see the treaty’s passage.
“Everybody's keen on this and sees the benefit of it. The French are very keen to continue the work,” said a senior EU official. “There's all sorts of information stored on computers nowadays that may be of interest to law enforcement agencies. If we reach agreement, we may well contemplate turning it into a binding international agreement.”
The U.S. claims that increased data-sharing is an important component of its Visa Waiver Program available to a variety of countries, including many EU member nations.
“This will require compromise,” said Google privacy counsel Peter Fleischer. “It will require people to agree on a framework that balances two conflicting issues: privacy and security. But the need to develop that kind of framework is becoming more important as more data moves onto the Internet and circles across the global architecture.”
