International Privacy - 2013 Year In Review - European Union

Author:Mr Gonzalo Zeballos, James A. Sherer and Alan M. Pate

Fighting the war on two fronts:


Outside of the EU, concerns continue after the former NSA contractor Edward Snowden leaks demonstrated issues related to U.S. handling of European data. Beginning in July, 2013, the ongoing Transatlantic Trade and Investment Partnership (TTIP) talks were seen as a focus of cross-border interoperability, with Germany initially applying internal pressure to include commercial spying rules during the negotiation before Viviane Reding, EU Justice Commissioner and vice-president, confirmed that data protection would not be part of the negotiation. In contrast, Ms. Reding stated that the EU expects that the U.S. will pursue "necessary legislative change" by the summer of 2014 to allow EU citizens the "right of judicial redress" to sue in the U.S. if EU citizen data is misused, a right "[e]very U.S. citizen in the European Union already enjoys...irrespective of whether he or she is resident in the EU."

The European Commission (EC) released a memorandum relating to EU-U.S. data flows on November 27, 2013, focused specifically on "large-scale U.S. intelligence collection programmes," which "have had a negative impact on the transatlantic relationship." There, the EC reported on findings of the July 2013 EU-U.S. Working Group and analyzed the function of the current EU-U.S. safe harbor, which has been in place since 2000. In contrast, the United States has indicated that the current safe harbor "remains an effective way of protecting online data for both American and European consumers."

Despite differences in approach and philosophy, the EU and the U.S. are working toward completing an agreement by mid-2014 that would protect the private data of individuals while still sharing information for law enforcement purposes; this follows talks that began in 2011 and have survived 15 negotiating rounds.


The Snowden affair has galvanized some internal activity within the EU, where in-process data privacy legislation has been gridlocked for nearly two years due, in part, to U.S. pressure. Previously, the U.S. had successfully lobbied for easing of data transfer rules, but tight data transfer regulation was reintroduced, which proscribes those practices unless explicitly allowed. Such lobbying was explicitly noted as sometimes being "counter-productive" in the context of EU data protection that was, instead, strengthened by the European Parliament.

On October 21, 2013, the Committee for Civil Liberties...

To continue reading