3.6.16: EU-USA "Umbrella Agreement" of the exchange of personal data for purposes of law enforcement - agreed
Enhanced data protection rights for EU citizens in law enforcement cooperation : EU and US sign "Umbrella agreement" (Press release, pdf):
"On 2 June 2016, the European Union and the United States of America signed the so-called "Umbrella agreement" which puts in place a comprehensive high-level data protection framework for criminal law enforcement cooperation...
"Next step: After the signature and before the agreement can be finally concluded, the European Parliament will need to give its consent."
The "Umbrella Agreement" on the exchange of personal data - its Scope (Art 1): covers:
"The purpose of this Agreement is to ensure a high level of protection of personal information and enhance cooperation between the United States and the European Union and its Member States, in relation to the prevention, investigation, detection or prosecution of criminal offenses, including terrorism."
Note: the Scope covers all crimes however, minor.
- Agreement between the United States of America and the European Union on the protection of personal information relating to the prevention, investigation, detection, and prosecution of criminal offenses (Full-text, pdf) - Draft Council Decision - Adoption (pdf) - Council Decision (pdf)
The Agreement expressly excludes the security and intelligence agencies.
And: Marc Rotenberg President, EPIC Adjunct Professor, Georgetown Law Hearing: ""The Judicial Redress Act does not provide adequate protection to permit data transfers and it does not address the many provisions in the Privacy Act that need to be updated."
And see:
- Council of the European Union: Joint EU-U.S. press statement following the EU-U.S. Justice and Home Affairs Ministerial meeting of 2 June 2016 (pdf)
- European Commission: Joint EU-U.S. press statement following the EU-U.S. Justice and Home Affairs Ministerial meeting (pdf)
30.4.16: "ANOTHER DODGY DEAL": EU-USA: DATA PROTECTION: "UMBRELLA AGREEMENT": Proposal for a COUNCIL DECISION on the signing, on behalf of the European Union, of an Agreement between the United States of America and the European Union on the protection of personal information relating to the prevention, investigation, detection, and prosecution of criminal offenses (pdf) and Annex (pdf)
And see: Marc Rotenberg President, EPIC Adjunct Professor, Georgetown Law Hearing: ""The Judicial Redress Act does not provide adequate protection to permit data transfers and it does not address the many provisions in the Privacy Act that need to be updated."
EU-USA: EPIC Intervenes in Privacy Case before European Court of Human Rights (link)
Today EPIC filed a brief in a case before the European Court of Human Rights. The case involves a challenge brought by 10 human rights organizations arguing that surveillance by British and U.S. intelligence organizations violated their fundamental rights. In its brief, EPIC explained that the NSA's "technological capacities" enable "wide scale surveillance" and that U.S. statutes do not restrict surveillance of non-U.S. persons abroad. "The NSA collects personal data from around the world and transfer that data without adequate legal protections." EPIC routinely files amicus briefs in federal and state cases that raise novel privacy issues. This is EPIC's first brief for the Court of Human Rights in Strasbourg. [emphasis added]
EU-USA Data protection: EPIC: 'Judicial Redress Act' Provides Little Redress
"The Judicial Redress Act of 2015, which amends the Privacy Act of 1974, has been passed by Congress and moved on to the President for signature. The Act fails to extend Privacy Act protections to non-US citizens, and as adopted coerces EU countries to transfer data to the US.."
EU-USA: While President Obama signs the Judicial Redress act, are the European Commission and the Parliament sharing the same Umbrella? (EASFJ, link):
"The European Commission is dealing with challenges on another EU-U.S. data sharing deal: the Parliament legal service and MEPs argued that the so-called Umbrella Agreement, which will be brought into being with the signature of the Judicial Redress Act, does not comply with EU law."
European Parliament: Follow-up to the European Parliament resolution of 12 March 2014 on the electronic mass surveillance of EU citizens (Text adopted, pdf) and Mass surveillance: EU citizens' rights still in danger, says Parliament (Press release, pdf):
"Too little has been done to safeguard citizens' fundamental rights following revelations of electronic mass surveillance, say MEPs in a resolution voted on Thursday. They urge the EU Commission to ensure that all data transfers to the US are subject to an "effective level of protection" and ask EU member states to grant protection to Edward Snowden, as a "human rights defender". Parliament also raises concerns about surveillance laws in several EU countries.
This resolution, approved by 342 votes to 274, with 29 abstention"
Europe Is Spying on You (nytimes.com, link): article on the threats of surveillance law just published by the Council of Europe Commissioner for Human Rights, Nils Muiznieks, in the New York Times: "When Edward Snowden disclosed details of America’s huge surveillance program two years ago, many in Europe thought that the response would be increased transparency and stronger oversight of security services. European countries, however, are moving in the opposite direction. Instead of more public scrutiny, we are getting more snooping."
EU-USA "UMBRELLA" AGREEMENT: Study: Fundamental Rights European Experts Group (FREE): prepared by Douwe Korff
- NOTE on the EU-US Umbrella Data Protection Agreement (pdf)
"We believe the following aspects of the Umbrella Agreement violate, or are likely to lead to violations of, the Treaties and the EU Charter of Fundamental Rights:
The Umbrella Agreement appears to allow the “sharing” of data sent by EU law enforcement agencies to US law enforcement agencies with US national security agencies (including the FBI and the US NSA) for use in the latter’s mass surveillance and data mining operations; as well as the “onward transfer” of such data to “third parties”, including national security agencies of yet other (“third”) countries, which the Agreement says may not be subjected to “generic data protection conditions
The Agreement should therefore, in our view, cannot be approved by the European Parliament in its present form”
- Data flow: Chart 1 (pdf) and Data flow Chart 2 (pdf)
- Letter from Commissioner: announcing "deal" (pdf)
- EU-USA Umbrella Agreement: Full-text (pdf)
EU-USA: DATA PROTECTION: European Data Protection Supervisor (EDPS): EDPS: Enforcing EU data protection law essential for rebuilding trust between EU-US (Press release, pdf) and Opinion (pdf):
"Peter Hustinx, EDPS, said: "The rights of EU citizens to the protection of their privacy and personal information are enshrined in EU law. The mass surveillance of EU citizens by US and other intelligence agencies disregards these rights. As well as supporting a privacy act in the USA, Europe must insist on the strict enforcement of existing EU legislation, promote international privacy standards and swiftly adopt the reform of the EU data protection Regulation. A concerted effort to restore trust is required. " who also comments:
"It is... essential that progress is made quickly to thwart the attempts serving political and economic interests to restrict the fundamental rights to privacy and data protection."
EU-USA: DATA PROTECTION "UMBRELLA" AGREEMENT: European Parliament Press release: Civil liberties MEPs make case for data protection during Washington visit (pdf):
"A delegation from the civil liberties committee visited Washington DC last week to find out the latest information on issues such as data protection and legislation on surveillance activities from their American counterparts. The MEPs also provided updates on the EU's data protection reform and on counter-terrorism initiatives, including the passenger name records (PNR) proposal"
See also:Close your Facebook account is you do not want to be spied on: EU-US data pact skewered in court hearing (euobserver, link) Extraordinary statement by Commission lawyer in Court of European Justice (CJEU):
"A lawyer for the European Commission told an EU judge on Tuesday (24 March) he should close his Facebook page if he wants to stop the US snooping on him, in what amounts to an admission that Safe Harbour, an EU-US data protection pact, doesn’t work.
“You might consider closing your Facebook account, if you have one,” European Commission attorney Bernhard Schima told attorney-general Yves Bot at the European Court of Justice in Luxembourg."
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: MayDay Rooms, 88 Fleet Street, London EC4Y 1DH. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.