Dublin MEP Nessa Childers stated that today’s European Court of Justice’s ruling, declaring that the EU US Safe Harbour agreement is invalid, is a victory for EU citizens’ rights to privacy and data protection, and that it must prompt a serious rethink of how such matters are handled.
The Safe Harbour agreement dates back to 2000 and was intended to guarantee that European citizens’ data were afforded adequate privacy protection when companies transfer those data to the US jurisdiction.
Speaking from Strasbourg in reaction to today’s ruling, on foot of a referral from the High Court of Ireland, Ms. Childers said:
“Edward Snowden’s leaks over two years ago were just the latest element which demonstrated beyond any doubt that Safe Harbour’s guarantees do not hold water.
“Dating back to 2000, Safe Harbour is patently obsolete, and you could run a ship through the national security exemption.
“It predates the current realities of constant online connectivity, mobile internet access and the mass collection of user data by corporate digital giants such as Google or Facebook.
“On top of that, it predates the onslaught of mass surveillance practices that the U.S. national security apparatus has been developing since 9/11, the full extent of which was brought to light by the Snowden scandal.
“The ECJ ruling validates our view, as European parliamentarians, last reiterated over a year ago in a resolution demanding the outright suspension of the agreement.
“Nobody can claim with a straight face that EU citizens’ data are properly dealt with and their privacy safeguarded just because this misnomer of an agreement is in place.
“We knew it, grassroots activists and experts knew it, the Data Protection Authorities in Germany stated it clearly and officially just last March.
“Snowden’s revelations showed the American authorities engage in warrantless, dragnet collection of their own citizens’ data, not to mention what they do to those of non-US nationals, whom they have full legal cover to spy on, anyway.
Yet the Commission has been entangled in talks with the US government for over a year, while the agreement remains in place. This keeps national authorities hands’ tied, and that is when they are willing to act, which is not always the case.
“Now the ECJ has put an end to this dilly-dallying.
“The Commission must act fast and bring forward a proper proposal that suits our present day’s realities, and doesn’t make a mockery of fundamental rights.
“Had they not kept their heads buried in the sand, the kind of homework they actually need to be doing would now be well underway.
“I’m increasingly convinced that this must encompass a review of the competences and the division of labour between national data protection authorities, the European Commission and the European Data Protection Supervisor.
“We cannot expect our small Athlone-based and arguably dismissive Irish Data Protection Commission to have the capacity and the necessary competences to deal with the probable avalanche of data protection cases that stem from the digital economy giants’ choice of European headquarters in Ireland.
Ms. Childers added that the ECJ decision also casts doubts over the EU’s negotiations of broad reaching international trade talks with the US:
“This ruling has serious implications for the facile approach the Commission has taken to the compatibility of our fundamental rules and values on both sides of the Atlantic for the purpose of our trade talks towards TTIP.
“I expect that all aspects impinging on privacy and data protection must be reassessed in light of the ECJ’s quashing of Safe Harbour.”