Privacy should be protected in law, not in promises

The EU Commission and U.S. Department of Commerce announced an agreement on transatlantic data sharing on Tuesday. They say the new “Privacy Shield” framework will protect citizens’ privacy and give legal certainty to Google, Facebook and other companies that use their data. But there are no changes to the law and critical details are lacking. Promises alone will not convince the public, my fellow lawmakers, and – critically – the European Court of Justice, which invalidated the previous “Safe Harbor” arrangement last October.

No text is currently available for the new agreement. On the basis of a declaration and an interpretation of existing law, Internet users are asked to trust that governments will limit their data collection and companies will respect their obligations. An ombudsman is promised to handle complaints, but no definition is given on legal powers.. The new framework needs to be able to stand up to court scrutiny and prevail beyond the political lifespan of our current administrations. This calls for some serious legal reinforcement as details are clarified in the coming weeks.

ADVERTISEMENT
It is unrealistic to expect Internet users to accept a new agreement at its face value. After revelations of mass surveillance and opaque commercial practices, European and American citizens mistrust how governments and companies use their data. Recent surveys by Eurobarometer and Pew Research find that only 15 percent of Europeans and 9 percent of Americans feel they have high levels of control over their online personal information.

In the EU, the right to privacy is as clear in our Charter of Fundamental Rights and treaties as the freedoms set out in the U.S. Constitution. The European Court of Justice struck down the Safe Harbor arrangement precisely because it did not guarantee that right. While the pending Judicial Redress Act could offer progress, the U.S. legal picture remains largely unchanged and uncertain at this time.

Let us be clear that privacy is not an obstacle in our shared fight against terrorism. The European Court fully recognized the need to empower security services to do their job. Experience has shown that targeted surveillance is effective, not bulk collection of data.

In protecting privacy, we must be transparent. The European Parliament will act both as a watchdog to the process and as a facilitator for much-needed public dialog. I very much hope that Congress will join us in this role. With the right oversight and cooperation, we can achieve a legally sound agreement that will truly shield our citizens and our economic interests.

Moraes is chair of the European Parliament Civil Liberties, Justice and Home Affairs Committee and a member of the European Parliament for London, UK.

More in Technology

Congress Getting it Right on Email Privacy

Read more »