After Edward Snowden revelations, EU executive underlines US compliance with European law and ‘how things have gone badly’
Ian Traynor in Brussels
The EU executive is threatening to freeze crucial data-sharing arrangements with the US because of the Edward Snowden revelations about the mass surveillance of the National Security Agency.
The US will have to adjust their surveillance activities to comply with EU law and enable legal redress in the US courts for Europeans whose rights may have been infringed, said Viviane Reding, the EU’s justice and rights commissioner who is negotiating with the US on the fallout from the NSA scandal.
European businesses need to compete on a level playing field with US rivals, Reding told the Guardian.
The EU commissioner said there was little she or Brussels could do about the activities of the NSA’s main partner in mass surveillance, Britain’s Government Communications Headquarters or GCHQ, since secret services in the EU were the strict remit of national governments. The commission has demanded but failed to obtain detailed information from the British government on how UK surveillance practices are affecting other EU citizens.
“I have direct competence in law enforcement but not in secret services. That remains with the member states. In general, secret services are national,” said the commissioner, from Luxembourg.
As a result of the Snowden disclosures, the EU has reviewed existing data-sharing agreements with the Americans concerning commercial swaps between US and European companies, information traded aimed at suppressing international terrorist funding, and the supply of information on transatlantic air passengers. It is also rethinking ongoing negotiations over exchanging data with the Americans on judicial and police co-operation. And it is drafting new Europe-wide data protection rules requiring US internet companies operating in the EU to obtain permission to transfer data to the US and to restrict US intelligence access to it.
Pressing the Americans in negotiations in Washington last week, Reding was unable to obtain US figures on the scale of the US surveillance of Europeans.
The commercial data exchange, known as “Safe Harbor”, was found to be flawed.
“The commission will underline that things have gone very badly indeed. Our analysis is Safe Harbor seems not to be safe. We’re asking the US not just to speak, but to act,” Reding said. “There is always a possibility to scrap Safe Harbor … It’s important that these recommendations are acted on by the US side by summer 2014. Next summer is a Damocles sword. It’s a real to-do list. Enforcement is absolutely critical. Safe Harbor cannot be only an empty shell.”
The commission is to come forward on Wednesday with a set of recommendations addressing the risks exposed by Snowden. The package was agreed in Brussels on Monday, said senior officials, but is opposed by Britain’s representative in the commission, Lady Ashton.
The Snowden disclosures are “a wake-up call for the EU and its member states to advance swiftly on data protection reform”, the commission is expected to say.”The question has arisen whether the large-scale collection and processing of personal information under US surveillance programmes is necessary and proportionate to meet the interests of national security … EU citizens do not enjoy the same rights and procedural safeguards as Americans.”
Reding stressed that US concessions on legal redress were central to Brussels’ demands. American citizens in Europe can go to the courts if they feel their rights are infringed. Europeans without right of residence in America may not.
“For two years I have asked for reciprocity,” said Reding. “I couldn’t get that. It needs a change of [US] legislation and the administration has always told me they couldn’t get that through.”
Senior EU officials are cautiously confident that the Obama administration realises the damage done to transatlantic trust by the Snowden leaks and that it will act to assuage some of the EU concerns.
“The US tone has changed,” said a senior official present at the Washington negotiations last week. “The Americans were always stonewalling. Now the cat is out of the bag. We are seeing movement.”
US flexibility contrasted with outright British hostility to EU moves to reinforce privacy rights, the officials said. The new EU rules being drafted on data protection were opposed openly “150%” by the British, said another senior official. “There’s nothing new here.”
But the Germans were also opposed, arguing that the new regime was not strict enough. The Scandinavians and some east Europeans also had some reservations about new data privacy rules from Brussels, suggesting they will have trouble surviving in current form.
The aim is to get the new regulations through the legislative cycle by next May, but that looks unlikely.
Cecilia Malmström, the commissioner for home affairs, is to declare on Wednesday that the onus is on Washington to come clean about the Snowden disclosures.
“Serious concerns still remain following the revelations,” she will say. “If the US wants to overcome current tensions, they need to shed full light on these allegations. Our co-operation with the US in the fight against terrorism has been put into question by the NSA revelations.”
• This article was amended on 27 November 2013. An earlier version said GCHQ stood for the General Communications Headquarters. That has been corrected to Government Communications Headquarters.