We store cookies on your device to make sure we give you the best experience on this website. I'm fine with this - Turn cookies off
Switch to an accessible version of this website which is easier to read. (requires cookies)

PRISM highlights need for robust EU-US dialogue

June 14, 2013 1:39 PM
By Sarah Ludford MEP in British Influence - Euro Watch
Originally published by East Midlands Liberal Democrats

There have been increasing intrusions on the right to privacy on both sides of the Atlantic in the last decade under the cover of the 'war on terror'. With individuals sharing more and more information about their lives not only in emails and phonecalls but with hundreds of 'friends' and 'followers' on social networking sites, the appetite of the law enforcement and security services for snooping on us has inevitably grown.

The recent revelations that the US National Security Agency (NSA) has been trawling 'metadata' from Internet Service Providers, telecoms companies and social media sites - information about our phone calls, text messages, emails and online activity, even if not the content - is of deep concern, especially while negotiations on a revised EU data protection law are in train.

But these revelations are new only as to the details and the name of the programme: 'PRISM'. MEPs, myself included, have campaigned for years - long before the recent expose - for the European Commission to press the US to clarify how Patriot Act and FISA court powers affected Europeans, and to try to ensure that the data of EU citizens is secure from NSA snooping. We have long been concerned about the 'conflict of laws' between EU data protection rules and US intelligence powers.

And it is only thanks to the Liberal Democrats that NSA-type powers were blocked in the UK through the derailing of the Data Communications Bill, widely known as the 'Snooper's Charter', which would have made suspects of us all in the same way as PRISM.

The Commission's response to MEPs' concerns regarding US powers has been lame, in simply highlighting the challenges involved in ensuring that non-EU countries respect EU data protection law. So I welcome Justice Commissioner Viviane Reding's response at last to our concerns in promising to raisethe matter this weekend with US Attorney General Eric Holder. I hope and trust she will be now be robust.

But the Commission's promise this week to the European Parliament that the new EU Data Protection Regulation would, by 'closing loopholes', protect companies from the demands of the US intelligence services for access to personal data, is both untrue and undeliverable. EU law will not in itself prevent the application of the Foreign Intelligence Surveillance Act (FISA), which authorised PRISM; even if Google were subject to the strictest EU data protection laws in respect of our data, they would still be caught between a rock and a hard place of competing jurisdictions when the NSA comes shopping.

The reform of EU data protection legislation is one of the most important issues on the European agenda. The aim of the ALDE group in the European Parliament, to which UK LibDems belong, is to have enforceable and workable standards which give consumers the trust they need that their fundamental rights are respected and companies the confidence they need to invest in innovative business models. We want consumers to be able to trust technological advances as well as their own ability to determine how their personal data is processed.

The issues of EU data protection law and US intelligence demands are linked but separate. I have been publicly criticised for amendments I've tabled to the draft EU Regulation to delete a requirement for a company when transferring data to a foreign country to explain all the data protection laws applicable there. But how many books have been written on this subject in regard to the US? And even if the company explained the federal Privacy Act, Federal Trade Commission powers etc, would it be able to predict FISA court orders?

Thus the EU must not only resolutely press the case to the Americans that it is unfair for their own citizens to be protected by American constitutional and data privacy protections that EU citizens are denied. It must also, at last, seek to clarify how the clash of laws between our data privacy standards and their surveillance powers is sorted. Anything less, and a train crash looms.

Sarah Ludford MEP

Sarah Ludford was elected to the European Parliament as MEP for London in 1999, prior to which she was a councillor in Islington for 8 years. An LSE graduate in international history, she also has a master's degree in European studies and is qualified as a barrister.

Her career, which started in Whitehall, has included substantial stints in Brussels working for the European Commission, in the City (European adviser at Lloyd's of London and vice-president, Corporate External Affairs at American Express Europe) and as a European consultant.

She has been a member of the House of Lords since 1997, although while an MEP cannot be an active member.

Follow her on Twitter: @SarahLudfordMEP