On Monday, the Civil Liberties Committee heard a presentation from the European Parliament’s Legal Service on the Court of Justice’s recent Schrems ruling, in which it declared the “Safe Harbour” agreement invalid.
Since 2000 this has governed the rules for transferring personal data from the European Union to the United States.
The Legal Service explained that the Court deemed the decision not to be in line with the Charter of Fundamental Rights of the European Union, stating that a “high level of protection” has to be afforded, also with regard to transfers of data to third countries. While this level of protection does not have to be identical, it does have to be similar.
The Court also maintained that in order to provide this high level of protection, a third country must provide this equivalent level in its binding legal order, meaning that voluntarily efforts are not sufficient. Indeed, this was one of the main reasons for rejecting the agreement.
The EP Legal Service also explained that the Court also offered some guiding principles for future data protection cases, declaring the legislation could never authorise mass surveillance (“access on a generalised basis to the content of electronic communications”) because this would violate the right to privacy, and that effective legal remedies have to exist.
The Court also looked into the interpretation of the Directive, noting that in no way can the Commission restrict the power of the national data protection authorities in the way that it has done, because this power has not been conferred unto it.
MEPs welcomed the judgement and the initiative of the Austrian student that enabled it to come about. They agreed that the response to this decision could not be a quick fix, particularly because it is the legal environment of the United States that has to change.
Dutch Liberal Sophia in 't Veld called for the United States to act so that data transfers could continue in the future, but noted that many Member States are also not meeting the standards set by the Court.
A representative from the European Commission said this ruling should be seen as supporting the Commission’s efforts to strengthen the rules, saying that its 13 recommendations for reforming the agreement had already taken into account the weaknesses in the framework highlighted by the judgement, to the dissatisfaction of some MEPs.
MEPs continued this discussion in plenary on Wednesday, in the presence of Věra Jourová, the Commissioner for Justice, Consumers and Gender Equality, and Nicolas Schmit, the Luxembourg Minister for Labour, Employment and the Social Economy.
During the session in Brussels, MEPs called for fast and effective from the Commission in order to ensure that the personal data of EU citizens is sufficiently protected, but many also noted the legal uncertainty generated by the decision and the practical difficulties deriving from it.
Commissioner Jourová explained that she is working intensively on a strategy to resolve the situation, saying that there is ongoing work with the national data protection authorities in order to ensure a coordinated response to the verdict, as well as discussions with US counterparts to discuss the next steps.
In the medium term, the Commissioner said that she hoped for good results in the negotiations with the United States for a renewed Safe Harbour agreement. However in the meantime, the conditions outlined in the Data Protection Directive on the international transfer of personal data must now be applied.
This content is supplied by Dods EU Monitoring. Want to know more? Click here for a free trial.