Communications Litigation Today was a Warren News publication.

Europe needs a new data protection compact, said...

Europe needs a new data protection compact, said EU Justice, Fundamental Rights and Citizenship Commissioner Viviane Reding Tuesday. From a citizen’s perspective, the issues of data collection by companies and government surveillance are connected, Reding said at the Center for European Policy Studies in Brussels. Surveillance involves companies whose services people use daily, through which governments build back doors and weaken encryption, she said. Concerns about snooping drive consumers away from digital services. From citizens’ perspectives, the underlying issue is the same in both cases, she said. “Data should not be processed simply because algorithms are refined.” Europe is responding to the revelations of U.S. spying by pressuring the U.S. to make the safe harbor agreement for transfer of Europeans’ personal data to the U.S. stronger, she said. It’s also pushing for a strong EU-U.S. data protection pact in the law enforcement arena and to ensure that European concerns are addressed in the reform of U.S surveillance programs, she said. But Reding warned that if the EU wants to be credible in its efforts to rebuild trust in the digital economy, it must clean up its own act. EU lawmakers want a strong data protection regulation now, but governments haven’t agreed on anything other than finishing data protection reform in a “timely” manner, at the latest by year’s end, she said. “This is a lowest and slowest common denominator approach” when high standards and protection levels, and speedy completion of the work, are needed, she said. She also criticized some EU members for failing to serve as an example on privacy for other parts of the world. Reding singled out the U.K.’s Tempora surveillance program, saying national security is up to each individual administration, but “if I come across a single email, a single piece of evidence” that Tempora isn’t used strictly for national security, “I will launch infringement proceedings.” Other bad examples are the lack of independence of Germany’s federal data protection commissioner, and Europe’s faulty data retention law, which allows information to be held for too long and to be too easily accessed, she said. Reding outlined data protection principles to govern the way the public and private sector process personal information: (1) Quick approval of the data protection reform package, which should apply to the public and private sectors alike. (2) Public debate on laws setting out data protection rules or affecting privacy. (3) Restricting data collection in surveillance to what’s proportionate to the goals of the spying. (4) Clear laws that are updated for technological change. (5) Invoking national security needs for data collection sparingly. (6) Oversight by judicial authorities. Reding also sent a message to the U.S. saying “data protection rules should apply irrespective of the nationality of the person concerned.”