[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FYI] US/EU: Data privacy talks near completion
- To: debate@fitug.de
- Subject: [FYI] US/EU: Data privacy talks near completion
- From: "Axel H Horns" <horns@t-online.de>
- Date: Mon, 20 Dec 1999 20:46:39 +0200
- Comment: This message comes from the debate mailing list.
- Organization: PA Axel H Horns
- Reply-to: horns@t-online.de
- Sender: owner-debate@fitug.de
http://www.ft.com/nbearchive/email-itindq309d3e.htm
------------------------------ CUT ---------------------------------
US/EU: Data privacy talks near completion
By Deborah Hargreaves in Brussels
US and EU political leaders agreed at a joint summit last week to try
to conclude their tortuous negotiations over data privacy by March.
The talks are vital for businesses that want to see rules in place to
protect the flow of personal data across the Atlantic.
The dispute arose when the EU passed legislation in October 1998
giving consumers the right to have access to personal information
held electronically by companies. The EU directive also contained
rules on how companies could use that data.
The US has no similar provisions, which theoretically means that EU
data protection authorities could stop some information being sent to
the US if they felt there was not adequate protection.
Talks with the US on reaching some kind of common solution to the
different levels of protection offered to consumers in the EU and US
have been going on for 20 months. "A lot of people in business are
getting very impatient and want to see this resolved as quickly as
possible," said Christiaan van der Valk, of the International
Chambers of Commerce in Paris.
Companies are worried that if the dispute is not resolved, it could
turn into a full-blown trade dispute and end up going through the
World Trade Organisation procedures which would take even longer.
"It's going to have to be resolved in the next few months, because
patience may be running out and interest in getting this done may be
running out," said Barbara Wellbery, counsellor to the US under-
secretary for electronic commerce.
The EU and US negotiators are discussing a self regulatory scheme
that US companies would sign up to, thereby committing themselves to
a set of data protection principles. "It would give us a framework
where now there is uncertainty, it would be good for business because
it would simplify things and it would push upwards data protection in
the US, but it isn't easy," said a European Commission official
involved in the talks.
One of the main stalling points is the way the US so-called "safe
harbour" scheme would be policed. "There is a lot of nervousness
amongst member states that the first line of enforcement would be
private sector bodies in the US with business organisations acting as
referees and no compulsory set of rules for such bodies," the
Commission official said.
[...]
------------------------------ CUT ---------------------------------
http://europa.eu.int/comm/dg15/en/media/dataprot/wpdocs/wp27en.htm
------------------------------ CUT ---------------------------------
Opinion 7/99 on the Level of Data Protection provided by the "Safe
Harbor" Principles as published together with the Frequently Asked
questions (FAQs) and other related documents on 15 and 16 November
1999 by the US Department of Commerce
Opinion 7/99 on the Level of Data Protection provided by the "Safe
Harbor" Principles as published together with the Frequently Asked
Questions (FAQs) and other related documents on 15 and 16 November
1999 by the US Department of Commerce
Adopted on 3 December 1999
The Working Party on the Protection of Individuals with regard to the
Processing of Personal Data
Set up by Directive 95/46/EC of the European Parliament and of the
Council of 24 October 19951,
Having regard to Articles 29 and 30 (b) of the Directive,
Having regard to its Rules of Procedure and in particular to Articles
12 and 14 thereof
Has adopted the present Opinion 7/99:
Introduction
The Working Party reaffirms its general policy on the methodology for
assessing the adequacy of data protection in any third country,
summarised in its Working Document of 24 July 1998 (WP 12: "Transfers
of personal data to third countries: applying Articles 25 and 26 of
the EU Data Protection Directive" 2).
The Working Party has followed closely the Commission's discussions
with the US Department of Commerce, attaches importance to them and
considers the "Safe Harbor" approach useful. It wishes to contribute
to the successful outcome of these discussions and considers that a
good result depends on a number of basic concerns being met.
In this context, the Working Party recalls that previous versions of
the "Safe Harbor" principles and Frequently Asked Questions (FAQs)
have been the subject of the following position papers:
1.Opinion 1/99 of 26 January 1999 (WP 15);
2.Opinion 2/99 of 19 April 1999 (WP 19);
3.Opinion 4/99 of 7 June 1999 (WP 21) and Working
Document of 7 September 1999 concerning
some of the FAQs (not public);
4.Working Document of 7 July 1999 (WP 23).
This Opinion refers to the latest version of the "Safe Harbor"
principles, FAQs and related documents as published on 15 and 16
November 19993 . The Working Party regrets that, on such an important
issue, the time left for taking a position was so short. It also
notes that none of the documents is considered "final" and therefore
reserves its position as regards any further development on the
texts.
The Working Party notes that some progress has been made but deplores
that most of the comments made in its previous position papers do not
seem to be addressed in the latest version of the US documents. The
Working Party therefore confirms its general concerns.
With a view to a possible finding of adequacy, and considering the
particular impact that such positive finding would have as a
reference point for other third countries, the Working Party
considers that the "Safe Harbor" should offer legal security not only
to the US organisations but also to the EU interested parties (data
controllers wishing to transfer data to the US, data subjects whose
data would be transferred, data protection authorities). Since its
Opinion 1/99, the Working Party has constantly held the view that, in
terms of substantive content, "any acceptable set of "Safe Harbor"
principles must, as a minimum requirement, include all the principles
set out in the OECD Privacy Guidelines" (adopted amongst others by
the United States and recently re-endorsed at the OECD Ottawa
Conference in October 1998).
[...]
------------------------------ CUT ---------------------------------