Firstly, she insisted on the centrality of Euro-American cooperation,
but she indicated that it can not be achieved at the expense
of either party. The "EU (must be) capable of acting shoulder
to shoulder as a true counterpart to the U.S." she said.
Stating that "proposed interim-agreement is a significant
departure", she regretted that the Council and Commission "failed
to act appropriately and effectively," adding that "it
must be clear that Parliament is not out there to just passively
take note of (their) actions," Most important is that the
lack of reciprocity has not been addressed as well as the setting-up
of an effective supervision of data exchange, she emphasized.
Moreover, everyone knows the U.S. Congress would never adopt
such an agreement granting the transfer of fellow citizens' data
to any "foreign power" including the European Union,
Let me start by underlining that I too support a strong, outward-looking
EU that is capable of acting shoulder to shoulder as a true
counterpart to the US. In that framework it is of crucial importance
to be open, fair and transparent if we are to address the issue
of how Europe should cooperate with
the US on counter-terrorism purposes, including law enforcement
use of data collected for commercial ends.
Without a doubt, the targeted exchange and use of data for
counter-terrorism purposes is and will remain necessary. But
let me be clear: the European citizens must be able to have
trust in both, security and data claims. Getting it right -
the first time around, should be the objective. However, Council
has been insufficiently strong to do so.
Indeed, the proposed interim-agreement is a significant departure
from European law in how law enforcement
agencies would obtain financial records of individuals, namely
through court-approved warrants or subpoenas to examine specific
transactions. But with the proposed interim-agreement we, instead,
rely on broad administrative subpoenas for millions of records
of European citizens. By the very nature of SWIFT it is not
possible to refer to so-called limited requests. For technical
and governance reasons SWIFT has to transfer bulk data, thereby
violating the basic principles of EU data protection law such
as necessity and proportionality. And this cannot be rectified
ex post by mechanisms of oversight and control.
At all times it must be clear that Parliament is not out there
to just passively take note of the actions of Council and Commission.
Fact is that this house is always being promised jam tomorrow,
if only we would be patient. However, we cannot keep falling
for vague promises, we need clear commitments by now. The ball
was in Council’s court but it failed to act appropriately
and effectively. Council has known about the problems for over
two years but has done nothing in time to deal with it.
In its declaration Council stated that it wants to ensure
the utmost respect for privacy and data, but failed to address
(in particular) the rights of access, rectification, compensation
and redress outside the EU for data subjects. Council stated
that it wants to ensure the TFTP to continue. However, it failed
to address the fact that (in this way) the EU would continue
to outsource its financial intelligence service to the US.
The lack of reciprocity was not being addressed. True reciprocity
would allow the EU authorities to obtain similar data stored
in the US and in the long term consider the necessity of building
up own capacity. Council did not show any commitment to line
up with existing legislation, as the data retention directive
for the telecom service providers which does deal with specific
data. Council failed to clarify the precise role of the ‘public
authority’. A ‘push’system does not mean
anything if, in actual practice, SWIFT has to transfer bulk
data. Transfer and storage are, in other words, by definition
disproportionate. And Council did not address a European solution
for the supervision of data exchange.
The rule of law is crucially important. Though, our laws are
being broken and under this agreement they would continue to
be broken. Parliament should not be complicit in this. Negotiations
on the long term agreement should instead be launched immediately.
By withholding our consent on the interim agreement, the security
of European citizens is not being compromised. Targeted trans-Atlantic
data-exchange will remain possible.
And a last point: if the US administration would propose to
US Congress something equivalent to this, to transfer in bulk
bank-data of American citizens to a ‘foreign power’,
we all know what US Congress would say, don’t we?!