Europe should suspend the Safe Harbor agreement with the U.S. that allows American cloud firms to handle the data of EU citizens, the European Parliament’s civil liberties committee has said in a set of draft recommendations.
The committee has for months been hearing evidence about surveillance of Europeans by the NSA and EU countries’ own governments. The inquiry is now on a holiday break, but on Wednesday Claude Moraes – the MEP leading the committee – presented draft conclusions that, if all goes well, will be up for a parliamentary vote in late February.
One of the biggest recommendations is for the Safe Harbor to be suspended. Under the current agreement, U.S. firms can self-certify to say they comply with EU-strength data protection standards, even if their country’s laws do not. However, NSA leaker Edward Snowden has shown that EU citizens’ data is far from protected when traveling through U.S. firms’ systems, and German privacy officials have already called for its suspension.
According to the draft recommendations issued on Wednesday, the European Commission should “re-negotiate new, appropriate data protection standards.” The Commission should also suspend the Terrorist Finance Tracking Programme (TFTP), which involves the limited handing-over of Europeans’ banking data to the U.S., the committee said.
It remains to be seen how the Commission will respond to the Safe Harbor call, as it has already decided to use the suspension of that agreement as a threat, in case the U.S. doesn’t give Europeans more data protection rights. The Commission has already rejected calls from the European Parliament for TFTP suspension.
The committee also called for the creation of “an EU data storage cloud”, and urged the completion of new data protection legislation by the end of 2014. It also said the EU should only sign the contentious TTIP trade agreement with the U.S. if it makes no mention of data protection – however, this much has already been decided by the negotiators.
And finally, an interesting side note from Wednesday’s statement:
“Disclosures by former NSA contractor Edward Snowden have revealed a huge weakness in the IT security of EU institutions, stresses Mr Moraes. The draft resolution proposes that Parliament’s technical capabilities and options should be properly assessed, including the possible uses of open source software, cloud storage and more use of encryption technologies.”