"Bulk data" transfers to the US against EU law, warn MEPs
Euro-MPs warned today that any new agreement on providing bank data to the United States must avoid "bulk data" transfers until they can be processed within the EU.
As for Passenger Name Records, the European Parliament opted to postpone its vote on the existing agreements with the United States and Australia and called for those accords to be renegotiated on the basis of new criteria.
MEPs voted on two resolutions in Brussels today, one on the opening of negotiations for an EU-US agreement to provide the US Treasury Department with bank data to combat terrorism, the other on the launch of negotiations for Passenger Name Record (PNR) agreements with the United States, Australia and Canada, also for counter-terrorism purposes.
Bank data transfers
On the issue of bank data transfers, Parliament argues in a resolution adopted by show of hands, that bulk data transfers infringe EU legislation. It urges the Council and Commission to "address this issue properly in the negotiations". In addition, the new agreement should include "strict implementation and supervision safeguards, monitored by an appropriate EU-appointed authority" on the day-to-day extraction of and use by the US authorities of all such data. The maximum storage period must not exceed five years and the data may not be disclosed to third countries.
Any new agreement should be limited in duration and pave the way for arrangements to enable requested data to be extracted on European soil, say MEPs. They believe that "the option offering the highest level of guarantees" would be to allow for the extraction of data to take place on EU soil, in EU or joint EU-US facilities. In the medium term, an EU judicial authority should oversee the extraction of data in the EU. Meanwhile, select EU personnel should take part in the oversight of the extraction process in the USA.
Reciprocity would require the Americans to allow EU authorities to obtain and use data stored in servers in the US.
Parliament wants access to any documents that demonstrate the need for the scheme. It also wants to know whether the envisaged agreement will guarantee the same rights to European citizens as to Americans in the event of any abuse of the data: the rights guaranteed under the US Privacy Act can be invoked only by citizens and permanent residents of the United States.
Passenger name records: Parliament postpones its vote
The accords with the United States and Australia on Passenger Name Records need Parliament's approval but, in a resolution also adopted by show of hands, the EP decided to postpone its vote.
MEPs want to explore the options for arrangements for the use of PNR that are in line with EU law and meet the concerns expressed by Parliament in earlier resolutions on data protection, proportionality and opportunities for redress.
They call on the Commission to present, no later than mid-July 2010, a proposal for a single PNR model and a draft mandate for negotiations with third countries. The model should ensure that data is only used for law enforcement and security purposes, is not used for profiling and is not forwarded to third countries. MEPs also argue that PNR data alone must not be used as grounds for banning an individual from flying.