OPP Meeting Summary: EP LIBE Committee – First annual review of the privacy shield (6 November 2017)

A summary of the exchange of views with the Commission is available.

EP LIBE Committee – 6 November 2017
 First annual review of the privacy shield
– Exchange of views with Tiina Astola, Director-General of DG Justice and Consumers, European Commission
View the report on the first annual review of the functioning of the EU–U.S. Privacy Shield

Tiina Astola, Director-General of DG Justice and Consumers, European Commission made the following remarks

  • the need for an annual review had been codified in the General Data Protection Regulation (GDPR);
  • the Commission took its monitoring requirement seriously;
  • she stressed that the annual review did not start in Washington in September. Thorough preparations had been taken by consulting companies which had signed up to the privacy shield, and civil society organisations which gave their views on how it had been implemented;
  • the review had been carried out in close coordination with representatives from the data protection authorities designated by the Article 29 Working Party;
  • it had been a meaningful exercise due to the intense cooperation with authorities and stakeholders;
  • a large variety of representatives from the US authorities had taken part in the meetings. She described the level of support as “unprecedented”;
  • it had set an important precedent for future annual reviews of the shield in terms of the preparation;
  • on the commercial side, it was concluded that the system functioned well. The US authorities had put in place the necessary mechanisms and instruments;
  • more than 2400 companies had joined the shield, including the US subsidiaries of important European companies;
  • in the future, the Commission expected greater focus on enforcement and oversight on the US side by the Department of Commerce and the report gave a number of recommendations;
  • the new US administration confirmed the commitments that had been made during the Obama administration government access to personal data;
  • the Commission had received reinsurances that the Presidential Policy Directive 28 (PPD28) and its implementing rules would not be altered;
  • any access by US authorities for national security purposes to data transferred from the EU for commercial reasons would always need to be targeted. The reviewed shown that the collection of data did not take place on a generalised basis;
  • the US Congress was debating the reauthorisation of FISA 702, which was the primary legal authority for foreign intelligence operations. She stated that the US could take this opportunity to enshrine the protection of afforded by the PPD28;
  • the Commission’s report urged the US administration to appoint a Privacy Shield Ombudsperson as soon as possible. It would be a clear sign of the continued political commitment from the US side;
  • she stated that the review process was also a good example of the cooperation within the EU. The Parliament had provided its input through a resolution and the LIBE Committee delegation had met with its counterparts in Washington.

Michał Boni (EPP, PL)

  • he asked if the Commission had any plans on awareness raising campaigns regarding the privacy shield;
  • he asked for the Commission’s views on when the Privacy Shield Ombudsperson would be appointed and in which direction the reauthorisation of FISA 702 was going;
  • he stated that US companies should not “misuse European users”. 

Birgit Sippel (S&D, DE)

  • she stated that the Commission’s presentation had reminded her of the discussions surrounding Safe Harbor. From examining the report in detail it was clear that the privacy shield was having the same problems, for example with companies pretending to have joined the shield;
  • she questioned what made the Commission believe that progress could be made and whether it had received any indications from the US on how it would address those issues;
  • it had been stressed during the Committee delegation visit to Washington in July that it was not acceptable that the Ombudsperson and other important Board members had not yet been appointed. She asked if the US had given any indication on when and how the appointments would be made.

Sophie in’t Veld (ALDE, NL)

  • she reiterated the comments made by Birgit Sippel (S&D, DE) on how the discussions reminded her of Safe Harbor; 
  • she described the safeguards as “flimsy” and that they were not being implemented properly;
  • she stated that the privacy shield was dependant on assurances from an administration that “relies on alternative facts” and she questioned the level of protection this gave to citizens;
  • regarding the lack of complaints, she stated that very few people knew about the existence of the complaints procedure;
  • she still believed that the arrangement was “not watertight” and the implementation even less so;
  • she stated that European citizens counted on the Commission to uphold EU law and the Treaties. The Commission had not been doing this in various areas and she did not believe that the Commission should be asking the Parliament for help.

Axel Voss (EPP, DE)

  • it was positive that discussions regarding the protection of personal data were held at the political level with the US;
  • it was not acceptable that a permanent Ombudsperson had not yet been appointed;
  • he asked whether had been any cases of complaints, and if there were any gaps in the procedure which needed to be examined;
  • the fact that the Trump administration was not appointing members showed their attitude towards the importance of the Transatlantic movement of data;
  • he also asked if there were any general improvements that needed to be made.

Judith Sargentini (Greens/EFA, NL)

  • the interim Ombudsperson had clearly stated that she was not equipped to deal with the issue;
  • she stated that “this is Safe Harbor all over again”. Nothing had changed for European citizens or for the big American tech companies using European citizen data.

Chair Claude Moraes (S&D, UK)

  • he asked what the Commission was doing to investigate law enforcement access issues and in general, how things were better than they were with Safe Harbor.

Tiina Astola, Director-General of DG Justice and Consumers, European Commission

  • the Commission had addressed many of the issues with Safe Harbor in the preparations for the privacy shield;
  • regarding awareness raising, she stated that the need for the privacy shield would become more understandable once citizens became more aware of the implementation of the GDPR;
  • the Commission had repeatedly raised the needful the appointment of the Ombudsperson. She stated that there were ways in which the interim Ombudsperson could effectively work with European data protection authorities;
  • she believed that the FISA 702 would be maintained;
  • there were no complaints filed yet, and the Commission had been assured that there were procedures in place to handle them in the absence of a permanent Ombudsperson.

A representative from the European Commission made the following remarks

  • regarding law enforcement access, he stated that the Commission had thoroughly investigated this issue, especially focusing on warrants and probable cause requirements as well as available remedies;
  • the Commission believed that it was fully in line with the proportionality principle;
  • the use of so-called ‘gag orders’ had decreased over the past year;
  • the privacy shield had opened a line of communication with the US that had not existed in the past;
  • on the issue of FISA 702, there were several proposals and the Commission did not believe that any of them would increase surveillance powers.

Sophie in’t Veld (ALDE, NL)

  • she asked the Commission where it would draw the line. The privacy shield was adopted in 2016 and there was still no Ombudsperson or a functioning Board;
  • she stated that the Commission was relying on assurances from a President and an administration which were not reliable;
  • it was not about “pushing the Americans a little” but demanding that they respect their obligations.

Tiina Astola, Director-General of DG Justice and Consumers, European Commission

  • the interim Ombudsperson had all of the required powers and there were procedures in place, but no complaints had been made yet. When the first complaint was made, the Commission would assess whether the existing situation was sufficient.

Chair Claude Moraes (S&D, UK)

  • he stated that Commissioner Jourová would be making an appearance before the Committee before the end of the month.

Source: One Policy Place

The simultaneous interpretation of debates provided by the European Parliament serves only to facilitate communication amongst the participants in the meeting. It does not constitute an authentic record of proceedings. One Policy Place uses these translations so this text is only a guide and should not be relied on as an official account of the meeting. Only the original speech or the revised written translation of that speech is authentic.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. Cookies help you create your Policy Newsfeed for example. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.