DATA PROTECTION: EU TRIES TO RESOLVE ANOTHER TRANSATLANTIC WRANGLE.

Summary: Top officials from the European Commission and the United States have agreed to continue their talks on the controversial issue of data protection into 1999. The two sides have defused the issue which threatened to overshadow the Transatlantic Summit in Washington on December 18, but have still to agree on how to regulate data flows between them. The Commission says certain provisions in the EU's 1995 Data Protection Directive could be applied to the US, ensuring that the country could be accepted as having "adequate protection" for its data. But there are problems linked to the US's system of using voluntary controls for companies dealing with data flows.

At a meeting of the EU's committee for implementation of the Personal Data Directive (set up in compliance with Article 31 of Directive 95/46/EC) on December 9, the Member States agreed that the US provisions designed to protect private data were inadequate. But the dialogue will continue nonetheless, and there are no plans to block the flow of data. In a recent EU-US meeting, John Mogg, the Commission's Director-General for the Internal Market, and David Aaron, US Under-Secretary of Commerce for International Trade pledged to meet at the end of January next year to try and resolve the issue. But the Commission still feels the US has to provide more guarantees before an agreement is clinched. The Data Protection Directive - only in force since October 25 - grants national data regulators the authority to suspend the transfer of personally identifiable data towards countries whose level of protection is considered inadequate, but only five Member States have adopted it so far. The US is currently in that category. The deadlock puts American companies, such as credit card issuers with their sophisticated data mining and target marketing strategies, in a difficult position to pursue the European consumer market, with some US organisations complaining of paranoia in Europe. The US Commerce Department recently proposed a set of Safe Harbor Principles that US businesses could adopt to show compliance with the EU law, but this was rejected by the Commission which believes this will allow some companies to avoid the necessary commitments. "It's clear to us that the credibility of the US system is weakened by the voluntary system", said Sue Binns, the head of the Commission's Unit dealing with the free movement of data. She said the EU was prepared to accept codes of practice, provided...