Tomorrow the European Parliament will be presented with a no compromise set of recommendations on the PRISM / NSA surveillance scandal. In an unusually outspoken report, the Parliament will be told that the only solution will be to target changes in the United States legal code. In other words, Europe must lobby the US for legal amendments that will protect EU citizens rights when data is held across the Atlantic.

 The report, commissioned by the European Parliament from external advisers, will be presented at tomorrow’s meeting of the Civil Liberties (LIBE)  committee, which is responsible for data protection and privacy matters.

 The report text  states that the ‘US has continuously disregarded the fundamental rights of non-US citizens’.  It goes on to say that ‘No force of law can guarantee priacy rights in the face of an organisation like the NSA  trying to breach them’  and doing so lawfully on its own terms. However, whilst it appears supportive of the disappeared Article 42 – the so-called ‘anti-FISA clause’ -  it recommends that the Parliament should study further how it would operate. (This was the Clause that the European Commission had written into its revision of data protection law, but which was mysteriously not there when the law was presented to the Parliament; FISA is the  law that governs NSA requests to foreign organisations).

 Hence  the report concludes: 

It seems that the only solution which can be trusted to resolve the PRISM affair must involve changes to the law of the US, and this should be the strategic objective of the EU. Furthermore, the EU must examine with great care the precise type of treaty instrument proposed in any future settlement with the US.

 The report is also dammning of the EU ‘safe harbor’ principle, which, it says acts more as a loophole for US companies.  And it is wary of the ability of cloud computing services based in the US, to protect the fundamental rights of EU citizens, saying that such services put European data sovereignty at risk.

 On that score, the report calls on the EU to build up its industrial policy to foster ‘an  autonomous European Cloud computing capacity’. This should be a wake-up call to the EU and Member State governments such as the UK, who have maintained weak a  industrial policy for many years.

 The Civil Liberties (LIBE) committee will also consider a letter from the Commissioner Cecilia Malmstrom  to David S. Cohen, who is the US Under-secretary of the Treasury. Mrs Malmstrom has repeated the EU demands for clarification of the NSA surveillance of European citizens – a demand that so far has fallen on deaf ears. In particular, she asks about its alleged access to the Swift banking system.

The LIBE report  will be a double-edged sword for Mrs Malmstrom’s colleague,  Commissioner Viviane Reding. She had hoped to get the new Data Protection Regulation adopted by next Spring. However, this LIBE  report implies changes in data protection strategy that could put her Regulation on the back burner for some time – even though she is likely to agree with it.

Of course, such a strategy as recommended by this report will also have implications for the EU-US Trade Agreement, known as TTIP. Trade Commissioner Karel de Gucht is unlikely to be happy when he hears it.

 This is an original article from and reflects research that I have carried out. If you refer to it or to its content, please cite my name as the author, and provide a link back to Media and Academics – please cite as Monica Horten, 2013,   Demand change to US privacy law, EU Parliament told,, 23  September  2013. Commercial users - please contact me.