Europe's Justice Commissioner warned yesterday that data privacy concerns could derail a major trade deal between the US and the EU.
"The US will have to take European concerns about privacy and data protection very seriously, otherwise the European Parliament may decide to reject the TTIP," Commissioner Viviane Reding said at a conference in Washington.
TTIP - the Transatlantic Trade and Investment Partnership - is being negotiated in secret between the EU and US. It has provoked concerns in Europe that it could weaken citizens' privacy rights.
The issue of protection of personal data could "easily derail" the negotiations, Reding said, and she warned against including the topic in the trade talks. "Data protection is not red tape or a tariff. It is a fundamental right and as such it is not negotiable," she said.
Her opinion was echoed in an open letter from nearly 50 civil liberties organisations to the negotiators on Tuesday. "The proposed agreement should exclude any provisions related to patents, copyright, trademarks, data protection and any other form of so-called intellectual property. The negotiations must not lead to a rewriting of patent and copyright rules in a way that tilts the balance even further away from the interests of citizens," said the letter, which was signed by the European Digital Rights organisation EDRi, OpenRights Europe, Bits of Freedom and others.
Meanwhile at a parallel event in Brussels, Ken Propp from the US Department of State said that although allegations that the US National Security Agency snooped on EU citizens' data had damaged relations between the US and Europeans, this had nothing to do with "commercial flows of data".
The European Commission estimated the value of EU citizens' data was €315 billion in 2011 and said it had the potential to grow to nearly €1 trillion annually by 2020.
Propp said that he believed the Safe Harbor agreement between the EU and the US provided citizens with sufficient data privacy.
"There has been quite robust enforcement of the Safe Harbor agreement in the US. But on the other hand there has been a lack of specific cases referred to by European data protection supervisors," said Propp.
However he conceded that situations do change over time and a framework that was worked out more than 10 years ago is worth revisiting. The bilateral deal was reached in 2000, despite controversy at the time.
Under the voluntary Safe Harbor scheme, companies sign up to a set of rules to protect data privacy. They are then authorised to display a logo showing that they are part of the programme and the rules can be legally enforced.
Less than 3,000 companies have signed up thus far. Galexia, an Australian consulting company, carried out research into the Safe Harbour scheme and found that in about one out of seven instances of the logo being displayed, the company is doing so falsely and is not a legitimate signatory to the programme.
Reding said at the start of the week that the Safe Harbor agreement is not so safe at all.
"Inter-operability and a system of self-regulation is not enough. Including a legal provision on judicial redress for EU citizens, regardless of their residence, in the forthcoming US Privacy Act is an essential step towards restoring trust among partners," she said.
According to the Commission more than 70% of EU citizens want to have more control over how their data is used online.