Alongside the European Parliament, the EU executive also wants to weigh in on the preparation and negotiation of a future mandate for a transatlantic agreement on US access to European financial data from SWIFT, a Belgian-based private financial company.

The person in charge at the European Commission is Swedish-born Cecilia Malmström responsible for internal security (home affairs), but Viviane Reding, the commissioner for justice, fundamental rights and citizenship, also intends to play an important role.

Reading already has three general demands: the negotiation of a new SWIFT agreement must respect all European principles relating to data protection, such as legality and the need for this access – legal safeguards need to be put in place to ensure that there is no violation of fundamental rights; European citizens must know what data they are providing and must be able to appeal to the American legal system. “I am committed to ensuring that these rights are fully protected here and in the United States. They must be included in black and white in all agreements,” confirmed the former telecoms commissioner.

These demands correspond more or less with those of the European Parliament. In fact following the resounding ‘no’ vote there, Reding, who like Malmström is a former MEP, announced, “the Parliament has spoken, The European Commission, which is answerable to the European Parliament, must respect this decision”. In an interview with the Belgian economic daily newspaper L’Echo (6-7 March), she went a step further in openly criticising the conditions in which the United States signed the agreement, on 30 November 2009: “The Council signed this text on the eve of the entry into force of the new Lisbon Treaty in order to prevent the Parliament from having its say. That’s not how it’s done,” she said before adding that “the Parliament is correct in saying that the rules [on data protection] must also be respected in our relations with third countries,” pointing out that, according to the new treaty, “the Commission and not the Council negotiates with our partners”.

“It will be the Commission’s role to ensure that all useful guarantees of data protection and the protection of EU citizens’ private lives should be incorporated into any future agreement,” responded Malmström before describing the parliamentary vote as “backtracking”.

RECIPROCITY AND APPEALS

After a brief ‘cold war’, the EU and the United States have renewed their dialogue. And the demands of the European Parliament – which is expected to approve the final text – are now clearer. The rapporteur, Jeanine Hennis-Plasschaert (ALDE, Netherlands) explained to Europoliticsthat reciprocity is one of the fundamental aspects. “If you’re allowed to rummage through my affairs, then I should be allowed to go through yours,” she said. In other words, Europeans should have access to American data. “It must work both ways,” she insisted.

MEPs said ‘no’ to the first temporary nine-month agreement, which demanded a new negotiating mandate immediately, because they were not satisfied with the guarantees given, which they believe are key to any exchange of private data. Their demands also relate to Europeans’ right to appeal against the use of their data in the United States and a limit of “a few years” on the amount of time the data can be kept. At the moment, according to the EP, data can be kept for anything up to 90 years as each federal agency in the US has its own data protection system.

“I think there is a negative perception of the way in which the US law protects European citizens,” said Nancy Libin, chief privacy and civil liberties officer at the US Department of Justice, and yet “they are treated in the same way as American citizens”, she said, speaking at a conference in Brussels, on 4 March. The Privacy Act reflects the “same values and principles” as the European system, she continued. She was, however, unable to answer questions on the SWIFT dossier, which falls under the US Treasury or on airline passenger information (PNR - see separate article), which falls under the US Department of Homeland Security.

The United States “confirms that Europeans have the same rights as Americans in terms of data protection, but according to our information, Americans’ rights are very limited,” added Hennis-Plasschaert.

Despite the shock of the transatlantic vote, Hennis-Plasschaert has had good contact with Washington and believes that the United States has become “much more realistic, pragmatic and constructive”. Nevertheless, she is still looking for an explanation for the differences between the way data are treated in the EU and the US.

Another question asked by the EP (over and above the mandate this time) refers to the subcontracting of SWIFT data by the Americans. “In my opinion, Europeans should at least be able to read the data” via Europol (the European law enforcement organisation), stated Hennis-Plasschaert. Nevertheless, those in charge in Europe were forced to acknowledge that only the Americans are able to manipulate the data. But they share them: “835 records received via SWIFT were passed on to Europeans in order to investigate the funding of terrorism in Europe,” added Malmström.

On 26-30 April, a delegation from the European Parliament is to visit Washington to meet members of the Treasury, the administration and the Congress.