A top US law enforcement commissioner has claimed European data protection authorities are too worried about helping consumers instead of robustly enforcing privacy laws.
Speaking at CPDP2015 in Brussels, Julie Brill, privacy commissioner for the US Federal Trade Commission (FTC) defended the US approach to protecting privacy.
“European data protection authorities are too focussed on individual cases and can’t see the bigger picture,” she said. “If you rely entirely on complaints, you will always focus on consumer-facing companies and I think that’s a problem.”
“We at the FTC get our cases from all sources including newspaper articles or even competitors,” continued Brill. “A great data protection law is no good if you don’t enforce it.”.
Paul Nemitz, a director in the European Commission’s justice department, didn’t tackle Brill's accusation directly, but countered by slamming the US' refusal to give EU citizens equal data protection.
“You don’t take action on any EU cases,” Nemitz thundered. “There aren’t thousands of EU complaints coming to the FTC, but you still say its too tedious - it really is a bit much.”
He cited complaints about Google Street View invading privacy in Europe as an example.
Under the Safe Harbour agreement, EU citizens’ data can be transferred to US companies if they sign up to a voluntary register to honour data protection obligations. This promise is then legally binding and enforced by the FTC in the US. Following Edward Snowden’s revelations of the National Security Agency’s dragnet surveillance programme, the European Parliament declared the Safe Harbour agreement unfit for purpose and called for it to be scrapped – but that decision rests with the European Commission.
“The Commission wants the Safe Harbour agreement to live, but not at all costs,” said Nemitz. “The issue is that we need to bring proportionality into the national security exemption. The NSA can’t be used 24/7 to set aside protection. You can’t just say 'it’s national security – go away',” he said.
“Safe harbour has been turned into a bogeyman in Europe. All your data transfer treaties have national security exemptions,” countered Brill.
Negotiations on an umbrella agreement covering data protection between the EU and US are currently ongoing. They have been going on for more than three years and, on the evidence of Thursday’s debate, are likely to continue for many more years to come. ®