U.S., EU Race to Meet Safe-Harbor Deal Deadline
January 31 2016 - 7:40PM
Dow Jones News
BRUSSELS—U.S. and European Union negotiators are scrambling to
reach a deal on new "safe harbor" data-privacy protections in
advance of a Tuesday deadline, hoping to stave off a potentially
significant breakdown in trans-Atlantic commerce.
Washington and Brussels said they hoped to reach a deal in time,
but some issues remained unresolved Saturday, with the EU seeking
more clarity from the U.S. on transparency and on the oversight of
data transfers and privacy protections.
The European Union's highest court in October struck down the
previous framework, known as Safe Harbor, over concerns that
Europeans' data wasn't sufficiently protected in the U.S. and could
fall into the hands of intelligence services.
If an agreement on the new framework isn't reached within days,
the differences between the U.S. and EU could quickly widen,
negotiators and corporate leaders fear, potentially upending many
types of trans-Atlantic transactions.
Without the new safe-harbor accord, for example, data-privacy
regulators in European countries could move to invalidate some of
the alternative legal methods that U.S. firms have been employing,
such as so-called model contract clauses, to enable them to keep
handling Europeans' data.
Apple Inc. and Microsoft Corp. are among the big companies that
say they have been using the stringent terms written into
individual contracts.
At stake are billions of dollars in online advertising and other
business, as well as more mundane matters such as the storage of
human-resources documents about European employees.
Even more than big firms, small and midsize U.S. companies are
worried that a protracted dispute could undermine their
operations.
The negotiations appeared to get a boost this past week when the
U.S. Senate Judiciary Committee approved legislation that would
give many citizens of other countries the ability to sue in U.S.
court over data-privacy breaches. The bipartisan vote signaled the
legislation could move through Congress relatively quickly.
But another major sticking point remains over whether the U.S.
has provided enough information about the way it collects EU
citizens' data for intelligence purposes.
Robert Litt, general counsel for the Office of the Director of
National Intelligence, said Friday that the U.S. has explained to
its European counterparts "in great detail" about the legal
framework governing the U.S. national security services, including
the privacy protections they afford and the oversight they
receive.
As of Saturday, officials said they were still seeking more
clarity on the exceptional circumstances in which some bulk
collection of data might still be allowed for national security
purposes.
EU spokesman Christian Wigand said at a Friday briefing that
"intense" negotiations are continuing. "We need an arrangement that
lives up to the benchmarks that have been set" by the European
Court of Justice ruling in September that invalidated the
15-year-old Safe Harbor agreement, Mr. Wigand said.
Mr. Litt said he believed the U.S. has provided enough
information to prove that its privacy protections are essentially
equivalent to those in Europe. He said there were some cases where
targeted intelligence gathering might not be possible, and bulk
data-gathering might be needed—for example, when the U.S. and its
allies have deployed troops in harm's way.
"That's the kind of situation where tailored, targeted
collection might not be feasible," said Mr. Litt. "But I don't
think that even the European court decision says bulk collection is
never possible—it just has to be necessary and proportionate in
light of the circumstances."
Two people familiar with the talks said the U.S. had proposed
installing an ombudsman to handle individual complaints and
requests for information about alleged privacy breaches by the U.S.
government. The individual would be part of the State Department,
making that person independent from the national security
services.
The EU wants to ensure that such an ombudsman would take the
complaints seriously and wouldn't simply be for show, one of the
people said.
But there are limits to the feedback the ombudsman could give
individuals without revealing too much about national intelligence
operations, the other person said.
Commercial complains under the new framework would continue to
be handled through alternative dispute mechanisms, the Federal
Trade Commission and the Commerce Department.
U.S. authorities have previously said they received only four
commercial complaints from European national data protection
authorities over the span of more than a decade under the previous
Safe Harbor framework.
Another proposal under consideration would allow EU privacy
regulators to investigate complaints, according to a personal
familiar with the matter.
The privacy regulators of the 28 EU member states had granted
the U.S. and the EU until the end of January to agree to a new
framework. Without legally-binding assurances on personal
information-gathering by U.S. national security services under a
new safe-harbor framework, it is unlikely the data protection
authorities would continue to accept alternative methods such as
the model contract approach.
Even if the EU and U.S. do reach an understanding in the coming
days, it could take months to become legally binding in Europe,
since the EU would still need formal approval from various EU and
national officials.
(END) Dow Jones Newswires
January 31, 2016 19:25 ET (00:25 GMT)
Copyright (c) 2016 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Aug 2024 to Sep 2024
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Sep 2023 to Sep 2024