US Justice official hits out at EU data protection proposals

New directive would greatly hinder law enforcement, says deputy assistant attorney general

The international affairs chief at the U.S. Department of Justice on Wednesday expressed concern with the European Union's revision of the Data Protection Directive.

U.S. Deputy Assistant Attorney General Bruce C. Swartz said that the proposals requiring the renegotiation of international treaties within five years were particularly worrying and could undermine much of the cooperation between E.U. and U.S. law enforcement agencies

Swartz also said that the section on transfer of personal data to third countries for law enforcement was of grave concern.

In chapter five of the proposed directive, it clarifies that transfers to third countries may take place only if the transfer is necessary for the prevention, investigation, detection or prosecution of criminal offenses or the execution of criminal penalties. But that this should only happen where those third countries are deemed to have an adequate level of data protection.

To date, only a tiny number of countries have had their laws deemed adequate: Uruguay, Switzerland, Israel, Canada, Argentina, Guernsey, Isle of Man and the U.S. But Swartz pointed out that Interpol is active in more than 180 countries worldwide. "This would mean that there would have to be a derogation for every single data transfer request. This would dramatically slow, if not prevent entirely, the flow of information that we find essential in fighting crime," he said.

Formal adequacy decisions are made by the Commission after the Article 29 Working Group has done an assessment. But article 34 of the proposed directive says that if adequacy decisions do not exist, the European Commission can "assess the level of protection afforded by a territory or a processing sector" and allow transfers to take place "on the basis of appropriate safeguards and derogations". The factors assessed to decide if a third country has an adequate level of protection include the rule of law, independent supervision and judicial redress.

This requirement related to judicial redress is reiterated in the data directive revision's Article 54, which requires the right to compensation, something that Swartz finds alarming. "It essentially makes any data processor liable if there is any misuse of that data. Not a 'willful' or 'negligent' misuse. The chilling effect this has on law enforcement agencies is enormous," he said.

Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to jennifer_baker@idg.com.

Comments

Tom Brown

1

Again the US wants freedom( to rendition), this time your personal affairs.

How can the US be regarded as complying with data protection when from the article they transfer data to 3rd party countries who do not have those protections?
They might as well just hand it over to the criminal cartels, maybe a Wikiwhateveryouwantifyouhavethemoney.com website.

Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Get exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
ARN Vendor Directory
Microsites

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

 

Latest News

Apr 17
Splunk exec defects to tech disruptor Elasticsearch
Apr 17
JCurve acquisition to boost telco play following $A2.5m capital raising
Apr 17
Vodafone tackles FIFA World Cup with $5 roaming in Brazil
Apr 17
Kim Dotcom says he's set to get assets back
More News
24 Apr
The China Healthcare ICT Conference 2014
05 May
CeBIT Australia 2014
06 May
Oracle Day 2014 - Across 2 Cities
06 May
Oracle Day 2014 - Across 2 Cities
View all events