After failing to impress the European Parliament in her grilling last week, the new Commissioner responsible for data protection has further explained her position on agreements with the US and data protection.
Asked whether she would suspend the Safe Harbour data sharing agreement with the United States, Věra Jourová said that although suspension was one of the options on the table, she wants to continue to try to work things out with the US.
“I will insist with the United States authorities on a clear and realistic timeframe for finding a solution. If all our efforts fail, we need to look together with you and with the Member States into alternative options,” she said without really clarifying what those alternatives might be.
Like her predecessor, Viviane Reding, Jourova says she wants commitments from the United States that the national security exemption is only used when necessary and proportionate for specific national security purposes.
She appears to accept the US assurances that some data protection rights for Americans shall be extended to non-Americans. “We share common targets with the United States. Major US business and civil society actors support our effort to restore trust in an internet without the threat of constant mass surveillance,” said Jourova, again without any concrete details about how the threat of mass surveillance might be removed.
Last March the European Parliament approved an overhaul of Europe’s data protection laws and, if appointed, Jourova would have to oversee the negotiations with member states to get them finalised. She said that she believes this is still possible within six months, despite huge hurdles still in the way of the Data Protection Regulation.
One major stumbling block may be the one stop shop principle, where a single national data protection authority would oversee complaints of EU citizens from other member states if the offending company is based in their territory.
Jourova vowed to tackle this issue as well as questions about enforcement, sanctions and how the regulation would apply to the public sector. ®
Sponsored: Webcast: Simplify data protection on AWS