The European Union (EU) and the US are set to embark on a data-protection agreement that will see a unified fight against terrorism and crime, as well as ensuring a high level of protection for personal data.
The agreement, which was approved recently by EU justice ministers to start talks between the EU and US, aims to protect personal information, such as passenger data and financial information, enhance citizens’ right to access, and rectify or delete data.
Both parties hope that the agreement will prevent, detect or help them prosecute criminal offences, including terrorism.
“Protection of personal data is a fundamental right for EU citizens. To guarantee this right, we need to be ambitious in our approach to personal data protection – both at home and abroad," said vice-president Viviane Reding, the EU’s Justice Commissioner.
“Today’s decision gives us the green light to negotiate a solid and coherent agreement with the US, which balances enforceable rights for individuals with the strong co-operation we need to prevent terrorism and organised crime. I look forward to meeting my US counterparts in Washington next week to kick start these important negotiations.”
The European Commission (EC) had recently set out a strategy to strengthen EU data protection rules in all policy areas, including law enforcement, while reducing red tape for business and guaranteeing the free circulation of data within the EU.
The Commission also proposed legislation to protect individuals’ information in order to revise the EU’s 1995 Data Protection Directive in 2011.
The purpose of the negotiations approved today is also to address and overcome the differences that exist between the US and EU in their approaches in protecting personal data.
The EU has set out a mandate to negotiate an "umbrella agreement" for data transfer between them and the US.
What the EU hopes to achieve from the mandate:
- Providing a coherent and harmonised set of data-protection standards, including essential principles such as proportionality, data minimisation, minimal retention periods and purpose limitation.
- Containing all the necessary data protection standards in line with the EU’s existing data protection rules, such as enforceable rights of individuals, administrative and judicial redress or a non-discrimination clause.
- Ensuring the effective application of data protection standards and their control by independent public authorities.
The Commission will keep the European Parliament fully informed at all stages of the negotiations.