US-EU Relations After Two Important Votes In European Parliament: It's (More) Complicated

from the this-will-be-interesting-to-watch dept

Two major votes in the European Parliament — one on data protection, the other on NSA surveillance — could have important ramifications for US-EU relations, particularly the current TAFTA/TTIP negotiations. As we wrote back in October last year, the EU’s proposed data protection legislation has been one of the most contested proposals in recent years, with massive lobbying from US companies concerned about the effects on their online businesses in Europe. In the end, there was extremely broad support from the European Parliament for the new data protection rules: 621 votes in favor, 10 against and 22 abstentions. Here are the main points as summarized in the official press release:

Data transfers to non-EU countries

To better protect EU citizens against surveillance activities like those unveiled since June 2013, MEPs amended the rules to require any firm (e.g. a search engine, social network or cloud storage service provider) to seek the prior authorisation of a national data protection authority in the EU before disclosing any EU citizen’s personal data to a third country. The firm would also have to inform the person concerned of the request.

Deterrent fines

Firms that break the rules should face fines of up to €100 million, or up to 5% of their annual worldwide turnover, whichever is greater, say MEPs. The European Commission had proposed penalties of up to €1 million or 2% of worldwide annual turnover.

Better protection on the internet

The new rules should also better protect data on the internet. They include a right to have personal data erased, new limits to “profiling” (attempts to analyse or predict a person’s performance at work, economic situation, location, etc.), a requirement to use clear and plain language to explain privacy policies. Any internet service provider wishing to process personal data would first have to obtain the freely given, well-informed and explicit consent of the person concerned.

The intent is make sure that any personal data from Europe is still protected according to EU norms when it leaves the continent — specifically, when it is sent across to the US. And to give the new rules some teeth, the maximum fine for non-compliance is 5% of revenues, which for the largest companies like Google and Facebook could be many billions of dollars.

Among the requirements are that the personal data of EU citizens can only be disclosed (to the NSA, say) after permission has been obtained from the national data protection authority, and that EU citizens have a right to request that their personal data is erased. Clearly, these will not go down well with US companies — or the US government.

However, it’s important to note that this vote in the European Parliament is not the end of the story. Although the European Commission is behind the measures, there is another EU body — the European Council of the European Union — that must agree. It’s made up of the heads of government of ministers from the EU’s member states, and among those there are several that will not be happy with some of the proposals (notably the UK.) The unanimity of the MEPs in this vote will put pressure on the European Council to negotiate, but it’s not clear at this stage what the final outcome might be.

The other important vote was on the European Parliament’s inquiry into the mass surveillance of EU citizens, discussed here recently. The resolution put forward by the Civil Liberties, Justice and Home Affairs committee of the European Parliament was backed by 544 votes to 78, with 60 abstentions. Its main recommendations are as follows:

Parliament’s should withhold its consent to the final Transatlantic Trade and Investment Partnership (TTIP) deal with the US unless it fully respects EU fundamental rights, stresses the resolution, adding that data protection should be ruled out of the trade talks. This consent “could be endangered as long as blanket mass surveillance activities and the interception of communications in EU institutions and diplomatic representations are not fully stopped”, notes the text.

MEPs also call for the “immediate suspension” of the Safe Harbour privacy principles (voluntary data protection standards for non-EU companies transferring EU citizens’ personal data to the US). These principles “do not provide adequate protection for EU citizens” say MEPs, urging the US to propose new personal data transfer rules that meet EU data protection requirements.

The Terrorist Finance Tracking Programme (TFTP) deal should also be suspended until allegations that US authorities have access to EU citizens’ bank data outside the agreement are clarified, insist MEPs.

Again, these will not be popular with the US government, which is pushing for data protection to be included in the TAFTA/TTIP talks. Similarly, suspending the Safe Harbor framework would be disastrous for the same kinds of companies affected by the data protection measures discussed above, since they would no longer be able to self-certify that their data handling is compliant with EU requirements. As the leader of the civil liberties inquiry, Claude Moraes, explained:

The Snowden revelations gave us a chance to react. I hope we will turn those reactions into something positive and lasting into the next mandate of this Parliament, a data protection bill of rights that we can all be proud of. This is the only international inquiry into mass surveillance. (…) Even Congress in the United States has not had an inquiry.

In other words, the inquiry is a direct result of Snowden’s leaks, so it’s no surprise that the resolution included the following proposal reflecting that:

The text also calls for a “European whistle-blower protection programme”, which should pay particular attention to the “complexity of whistleblowing in the field of intelligence”. EU countries are also asked to consider granting whistleblowers international protection from prosecution.

Sadly, though, an amendment calling for Edward Snowden to be offered asylum in the EU was defeated, despite some spirited advocacy by the Green and Pirate parties inside the parliament chamber:

As with the data protection vote, it’s not yet clear what effect the approval of the resolution will have. It is not binding, and it would be for the European Commission to implement. That seems unlikely for things like the suspension of Safe Harbor. However, the threat that the European Parliament will withhold its consent to any free trade agreement if data protection is included, or the NSA surveillance is not scaled back, is real. We saw with ACTA that if MEPs vote against an agreement, it is dead. That’s bound to make the increasingly troubled TTIP negotiations even more fraught.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

Filed Under: , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “US-EU Relations After Two Important Votes In European Parliament: It's (More) Complicated”

Subscribe: RSS Leave a comment
Anonymous Coward says:

one of the main things that isn’t mentioned in the demands from MEPS is copyright. if there is nothing done about that, you might as well forget the other stuff. all that will happen is the US will make decisions on more ‘secret interpretations’ that will screw everyone everywhere! the term needs to be drastically reduced as do the punishments for sharing. backups need to be made legal, as does format shifting! i dont understand how anyone with an iota of sense can continuously back an industry that creates plenty or revenue, but pays almost nothing into the economy, while at the same time, allows new businesses to be squashed and start ups prevented from getting off the ground by the other industry. the potential revenue could be massive, the lost revenue will never be got back or appear in the future. all thanks to certain people who think more of what is going into their personal coffers rather than aiding the nation, a job they swore an oath to do!!

That One Guy (profile) says:

Re: Re:

‘i dont understand how anyone with an iota of sense can continuously back an industry that creates plenty or revenue, but pays almost nothing into the economy, while at the same time, allows new businesses to be squashed and start ups prevented from getting off the ground by the other industry.’

Simple enough, while they don’t contribute much to the economy, they do contribute significant amounts to politics, giving them a disproportionate amount of clout when it comes to getting laws passed.

avideogameplayer says:

How can the EU implement any of these ideas when the Alphabet soup agencies already have taps into the backbone of the net? Or having companies like M$ putting backstage passes into their (mal)ware for government agencies to help themselves?

Unless the EU decides to fund their own version of the web, this is just a nice idea on paper…

Anonymous Coward says:

On *The negotiations are fraught*

I disagree with the assertion that the negotiations are fraught. A good outcome is where the parties negotiate, and can’t come to an agreement. A great outcome is where the parties negotiate and come to an agreement that sees the vast majority better off within only minor (or reasonable) inconveniences for the minority. A terrible outcome is where the parties come to an agreement that locks in unforseen problems and gives sectional interests a big benefit at the majority’s expense.

Duke (profile) says:

European Council != Council of the European Union

A minor point to correct; I may be wrong but it is usually the Council of the European Union – not the European Council – which has to sign off on these types of measures.

The European Council is the head of Governments of the Member States and sets the broad policy agenda of the EU. But their involvement in legislating etc. is fairly limited.

The Council of the EU is the other half – along with the Parliament – of the EU’s legislature. Like the US Senate used to be, it represents the interests of the Member States rather than the people and is made up of the relevant ministers from the national governments.

It’s also not to be confused with the Council of Europe, which is a completely different thing (not part of the EU) and runs the ECHR and so on.

Anonymous Coward says:

“Parliament’s should withhold its consent to the final Transatlantic Trade and Investment Partnership (TTIP) deal with the US unless it fully respects EU fundamental rights”

So their creating a win – win/fake lose situation

Use the peoples deserved right against them by offering a shallow promiss of privacy in order to pass something that has many opponents, many of which care about their privacy

These two subjects, privacy AND security, and the trade bill, ARE TWO COMPLETELY DIFFERENT CASES, not something that needs to be mixed, in order to PLAY the public, YES -to an over abundance of privacy and security……NO – to a trade agreement that would affect “dozens” of people, allthe while, the text, body and negotiations of that very trade bill kept a SECRET………what are we, in fucking opposite world or something, they’ve got their wires fucking crossed, and im tired of being “shocked”

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...