LIBE Inquiry Report Appears Likely to Support TFTP, PNR, But Not Safe Harbor
The European Parliament inquiry into U.S. mass surveillance appears headed toward a wishy-washy conclusion, said several lawmakers Monday at another in a series of webcast hearings by the Civil Liberties, Justice and Home Affairs (LIBE) Committee. A co-author of the final report discussed a working document on U.S. surveillance activities regarding EU data and its possible legal implications for existing trans-Atlantic agreements and cooperation. There’s no proof now that the U.S. has abused the Terrorist Finance Tracking Program (TFTP) or Passenger Name Record (PNR) system, said co-rapporteur Axel Voss, of the European People’s Party and Germany, and it’s unclear what would replace them if they're revoked. The few LIBE members present slammed the document for being too deferential to the U.S. and European Commission. Friday, the Centre for European Policy Studies issued policy recommendations it said could help the Parliament fully exercise its duty to safeguard citizens’ privacy rights.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
The first working document considered only the legal framework for EU-U.S. data transfer under safe harbor, the TFTP and the PNR, said Voss. Safe harbor has been criticized since it began, and that criticism has worsened since the spying revelations came to light, he said. The EC last week proposed 13 recommendations to improve safe harbor (CD Nov 29 p7) but Voss said he believes they're not satisfactory because the agreement no longer appears safe. In the long run, he said, the EU should suspend safe harbor and come up with something better, but in the short term, revoking it could considerably affect companies.
It would be possible to suspend the TFTP, but so far there’s no evidence that the U.S. has misused it, Voss said. He said he personally believes the program is shaped in such a way as to ensure balance between security and privacy, and that Europe’s balance aligns with that of the U.S. Suspending it could harm European citizens more than getting rid of safe harbor, he said. Equally, there have been no reports that the National Security Agency has abused data from PNR, he said. Parliament approved a nonbinding resolution in October urging the EU to suspend the TFTP (CD Oct 24 p10).
Hungarian MEP Krisztina Morvai, unattached to a political party, voiced frustration that none of the revelations from former NSA contractor Edward Snowden, the media or civil society appears to have been confirmed as fact. She said her impression is that this is a “lukewarm situation,” with few MEPs present at the hearing and little chance of anything actually being done. Christian Engström of the Greens/European Free Alliance and Sweden, said he hopes that when the working document, which wasn’t available Monday, emerges, it will be “a bit more critical” than the EC assessment of the various data-exchange accords.
Data is going to leave Europe for America one way or the other, and if existing agreements are tossed out, how will that exchange occur, Voss asked. If safe harbor is terminated, there must be some other basis for providing an adequate data protection standards, he said. If the U.S. and EU want to be able to track financing to clamp down on terrorism, how would that occur if not for the TFTP, he asked. The rapporteurs haven’t arrived at a conclusion yet, Voss said. The final report will focus on the political consequences of the European Parliament’s role in approving safe harbor and similar agreements, he said.
The November CEPS report (http://bit.ly/1gxQ2NE) on mass surveillance of personal data by EU members and its compatibility with EU law found that “the scale of surveillance revealed by Edward Snowden should not be simply understood as a routine practice of intelligence services.” Several aspects of the revelations directly affect EU citizens’ rights and EU institutions’ credibility in protecting those rights, it said. The information showed that surveillance has been reconfigured to enable access to a much larger scale of data than the telecom spying of the past, it said. The distinction between targeted surveillance for criminal investigations, which can be legal if done under the rule of law, and large-scale surveillance with unclear objectives, is increasingly blurred, it said. Analysis of European surveillance programs can’t be reduced to the question of balance between data protection and national security, but must be framed in terms of collective freedoms and democracy, it said.
If the EU doesn’t act against mass surveillance by its members, it will “profoundly undermine the trust and confidence” of its citizens in the EU institutions, CEPS said. Its policy recommendations were aimed mostly at Parliament. The think tank recommended that lawmakers use the powers at their disposal to require explanations from the U.S. and to further investigate EU countries’ collaboration with the NSA. It called for a “professional code for the transnational management of data” within the EU, including guidelines on how the code would apply to EU partners.
It’s clear that safe harbor has been “gravely violated” considering that all companies involved in the Prism surveillance regime are members, CEPS said. It suggested that Parliament consider a Canadian proposal for a “route tracking device” that lets Internet users choose fast or secure routes for sending email and other communications. That would force companies to offer the option to all European countries’ Internet users in order to keep their internal communications and data storage in Europe, it said. U.S companies that didn’t offer the option would have to warn visitors on their websites, it said.
CEPS also suggested that the European Parliament: (1) Propose the establishment of a policy infrastructure at EU level capable of ensuring that intelligence revelations are effectively followed up. (2) Explore the potential for EU-level whistle-blower protection. (3) Commission further research on large-scale surveillance practices by EU governments. The next session of the LIBE inquiry is Thursday.