Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

EU Lays Down Data Protection Steps for US

BRUSSELS – The EU on Wednesday laid down steps Washington must take to restore trust after a huge spying scandal, including giving EU citizens the right to US legal redress to protect personal data.

BRUSSELS – The EU on Wednesday laid down steps Washington must take to restore trust after a huge spying scandal, including giving EU citizens the right to US legal redress to protect personal data.

“Massive spying on our citizens, companies and leaders is unacceptable,” EU Justice Commissioner Viviane Reding said, adding there was “now a window of opportunity to rebuild trust which we expect our American partners to use.”

An umbrella agreement being negotiated on EU-US data protection “has to give European citizens concrete and enforceable rights, notably the right to judicial redress in the US whenever their personal data are being processed in the US,” Reding said in a statement.

A key concern in Europe — where memories of surveillance by fascist and communist dictatorships remain alive — is the pressure Washington exerts on giant US companies to hand over personal data, including of EU citizens, on national security grounds.

Up to now Brussels and Washington have reconciled their differences in a ‘Safe Harbour’ agreement which aims to ensure US companies respect EU norms on commercial personal data use.

In the EU, personal data protection is considered a basic right whose commercial use must be carefully controlled.

Safe Harbour now needs to be tightened up, Reding said, with 13 suggested changes, including a provision requiring US companies to make clear the extent to which US authorities have the right to collect and process data they may have gathered.

Advertisement. Scroll to continue reading.

The national security justification often cited for such government access must also be used only if strictly necessary.

Reding said the EU must conclude reform of its own data protection laws and be actively involved to ensure that US reforms promised by President Barack Obama “also benefit EU citizens.”

Highlighted by the reported US tapping of German Chancellor Angela Merkel’s mobile phone, data protection has become a hugely sensitive topic since intelligence leaker Edward Snowden described a massive network of US spy operations on friend and foe alike earlier this year.

The uproar prompted the European Parliament to call for talks on a massive free trade deal with the United States to be halted and the Safe Harbour system to be scrapped in protest.

But the European Commission stressed again Wednesday that data protection standards would not be part of the negotiations on the planned Transatlantic Trade and Investment Partnership.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.