As we described in our previous post, the Safe Harbor is currently facing criticism in the EU in light of disclosures involving US surveillance programs. A recent hearing by the European Civil Liberties, Justice and Home Affairs (LIBE) Committee is demonstrative of this negative sentiment and shows that there is no sign that this backlash will subside.
On October 7, the LIBE Committee of the European Parliament held a hearing to examine the US-EU Safe Harbor framework as well as other mechanisms for lawful data transfers in light of the NSA revelations. At the hearing, all the speakers argued that data collection at the scale conducted by the NSA was inconsistent with EU law, and pressed for the enactment of Article 42 – a provision currently under consideration that would prohibit countries outside of the EU from accessing personal data in the EU where required by a non-EU court or administrative authority without prior authorization by a DPA.
Peter Hustinx, the European Data Protection Supervisor, offered the most positive review of the Safe Harbor framework, describing it as having merit but lacking a comprehensive overview. Isabelle Falque Pierrotin, President of CNIL, noted that the Safe Harbor and BCRs were not designed to address government requests for data transfers, instead arguing for strong agreements with non-EU countries in order to avoid conflicts of law, and the development of a European cloud system to create clear legal responsibility for companies.
Christopher Connolly, director of consulting firm Galexia and author of a 2008 report on the Safe Harbor, was most critical of the framework. He cited what he believed to be considerable flaws in the framework – many of the same criticisms he levied in his 2008 report – and advocated for its suspension. Despite only Connolly calling for a suspension of the Safe Harbor, at the end of the hearing, Claude Moraes, Labour MEP for London and a member of the LIBE Committee, stated that his draft report would recommend suspending the framework.
The rhetoric at this hearing is an example of why FPF is conducting its own objective assessment of the Safe Harbor framework. We believe that it is important to provide EU policy makers with a neutral review of the Safe Harbor that provides basic facts about the implementation and enforcement of the framework to best understand what is working, and what can be improved. By taking a balanced look at the current state of the Safe Harbor, FPF can provide input into the ongoing EU debate.