EU seeks to expand privacy powers in data-sharing talks

EU seeks to expand privacy powers in data-sharing talks
© Getty Images

The European Union is pushing to give its national privacy regulators more power under a new U.S.-EU data transfer agreement currently under negotiations, according to Reuters.

Negotiators have been wrangling over a so-called “Safe Harbor 2.0” agreement after the EU high court in October struck down the original pact, which allowed data transfers from Europe to the United States.

The original Safe Harbor, agreed to in 2000, was used by over 4,000 companies to make legal data transfers in a multitude of industries, from hospitality to social media. Europe’s data protection authorities have given negotiators until January to create a new framework before they will begin to take enforcement action against firms.

The European Commission, which is leading the talks on the EU side, wants privacy watchdogs to have more legal avenues to challenge firms' handling of data, Reuters reports.

Negotiators — led by the Commerce Department in the U.S. — are trying to address the high court’s concerns that because of U.S. surveillance practices, the original agreement did not adequately protect Europeans’ privacy rights.

The EU is particularly concerned that its citizens cannot challenge misuse of their data in the courts. One option being considered is to allow Europeans to complain directly to national authorities on data protection.

Although U.S. companies handling sensitive human resources data agreed under the original agreement to cooperate with the privacy watchdogs in the event of a complaint, negotiators have yet to agree to broaden the provision in Safe Harbor 2.0.

One sticking point is how the European watchdogs would interact with the Federal Trade Commission (FTC) in the U.S. to avoid giving the EU extraterritorial powers.

The FTC monitored U.S. companies’ compliance with the original Safe Harbor agreement, but did not address complaints from individuals.

The EU has already said that providing European citizens with judicial redress in U.S. courts is a prerequisite for a new “umbrella agreement” that would allow the two sides to exchange more data during criminal and terrorism investigations.

That deal, many years in the works, was inked in September.

Legislation offering EU citizens the right to seek legal redress for privacy violations has already been introduced by Sen. Chris MurphyChristopher (Chris) Scott MurphyGreen group backs Sens. Baldwin, Nelson for reelection Dems press Trump for 'Buy American' proposals in infrastructure plan Chuck Schumer’s deal with the devil MORE (D-Conn.) and co-sponsored by Sen. Orrin HatchOrrin Grant HatchOvernight Tech: Uber exec says 'no justification' for covering up hack | Apple considers battery rebates | Regulators talk bitcoin | SpaceX launches world's most powerful rocket Overnight Cybersecurity: Tillerson proposes new cyber bureau at State | Senate bill would clarify cross-border data rules | Uber exec says 'no justification' for covering up breach Hatch introduces bipartisan bill to clarify cross-border data policies MORE (R-Utah).

The so-called Judicial Redress Act would allow the attorney general to work with other agencies to designate certain countries whose citizens would have the right to enforce their data protection rights in U.S. courts.

Observers say there is limited opposition to the bill.