EU and US NGOs propose privacy reforms post Schrems

By EDRi · November 18, 2015

On 12 November 2015, leading human rights and consumer organisations issued a letter to urge the US and the EU to protect the fundamental right to privacy. After the Schrems ruling by the Court of Justice of the European Union (CJEU) in October 2015, the parties are now attempting to negotiate a revised Safe Harbor arrangement, but civil society groups are sceptical that such an agreement by itself will be sufficient.

EU Commissioner for Justice, Consumers and Gender Equality Věra Jourová recently travelled to Washington DC to discuss the possibilities to replace the invalidated Safe Harbor data transfer framework. While negotiating with American officials, Secretary of Commerce Penny Pritzker in particular, the Commissioner took the time to meet with US civil society organisations on 13 November 2015.

................................................................. Support our work - make a recurrent donation! .................................................................

On that occasion, the groups warned that without significant changes to “domestic law” and “international commitments” by the United States, a “Safe Harbor 2.0” will almost certainly fail. The NGOs recommended 13 proposals for the EU and the US that are necessary after the judgment.

Among other requirements, the NGO leaders have called for a comprehensive privacy framework in the US, which includes the establishment of an independent privacy agency and the modernisation of the Privacy Act of 1974, to provide for meaningful judicial redress for everybody, including non-US persons, whose data is stored by a US federal agency.

The paper argued that it is important to conclude the General Data Protection Reform (GDPR) by the end of 2015 and that the EU must keep or increase the level of protection for privacy and data protection. The EU should follow the opinion of the Article 29 Working Party, and ensure that “no portion of the GDPR lessens protections or reduces the rights of individuals within the EU” and that “harmonization of a high level of protection remains the goal.”

Additionally, the paper stated that the EU and the US should stand up for strong encryption, and reject any law or policy that would undermine the security of consumers and Internet users. Both parties should end the mass surveillance of people and the EU must ensure that fundamental human rights such as privacy are respected in the wake of political urgency for more intrusive surveillance laws and practices to generate false assumption of higher level of safety and security.

Finally, organisations propose that the EU and the US should commit to annual summit with the full participation of civil society organisations to assess progress toward these goals.

Commissioner Jourová welcomed the comments of the civil society organisations.

NGO letter to Commissioner Jourová and Secretary Pritzker (12.11.2015)

Commissioner Jourova’s Speech at the Brookings Institute (16.11.2015)

Fortify New US-EU Data Transfer Pact, Privacy Groups Urge, Law360 (13.11.2015)

Article 29 Working Party: Statement on Safe Harbor (16.10.2015)

US House: Hearing on Safe Harbor (27.10.2015)

EU High Court: Press Release on Safe Harbor Decision (06.10.2015)

EPIC: Max Schrems v Irish Data Protection Commissioner (Safe Harbor)

The New York Times: “Digital Privacy, in the U.S. and Europe,” by Marc Rotenberg, Anna Fielder, Jeff Chester (13.10.2015)

(Contribution by Fanny Hidvegi, EPIC, US)