New Rules for Data Transfer to US
May 27th, 2010 by adminThe European Commission has released the terms on which it wants to consult with the US to permit the transferring of EU citizens’ personal data and information to US authorities in the process of carrying out terrorism investigations.
First, the European Council must grant their approval of the European Commission’s draft directive before any such negotiations with US authorities can begin. The European Parliament’s consent shall need to be sought once negotiations have been finalised and a set of terms by which the transfer of personal data shall be undertaken have been created.
In February this year, the European Parliament rebuffed a deal opted for by the European Commission with the US in relation to the transference of financial records. After this, the European Parliament ordered the European Commission to come up with a plan to improve upon the protection of personal data and personal information before any such transference was to take place.
In response to this, the European Commission have now published a draft directive as a way to commence new negotiations. Within the draft mandate, there is a set of terms in place to attempt to finalise a broad data-sharing arrangement.
Data transfer agreements that have been made in the past have often been deemed as contentious or have simply been declared unlawful by data protection regulators.
The European Parliament earlier opposed certain features of a different data transfer agenda which was to enable the US authorities to require passenger name records (known as PNR), as well as airline records on any individual flying into the US.
The Commission has summarised the protections it plans to reason with when agreeing the terms with the US for the transference of data.
In light of the terrorism the EU and US have faced in the past decade, each has become committed to the preservation of data protection and privacy. The issue that arises is in how such data is to be safe guarded, as both the US and EU have in place differing measures for the protection of personal data.
