Amongst the news of the Umbrella Agreement between the EU and U.S. on the sharing of law enforcement information announced in late September was a caveat: The European Commission would not sign on until the passage of U.S. HR 1428, also known as the Judicial Redress Act.
One might think, given the relative gridlock that usually grips the U.S. Congress, that this would not be a small matter. However, the House of Representatives last night did in fact pass HR 1428, moving the bill a step closer to law. The Senate must now take the legislation up.
This bill is not just important for the Umbrella Agreement, however. Many observers here in Brussels believe the Judicial Redress Act is also vital for the creation of “Safe Harbor 2.0,” which the U.S. Department of Congress and the European Commission have been negotiating for the past two years.
The Judicial Redress Act would “designate foreign countries or regional economic integration organizations whose natural citizens may bring civil actions under the Privacy Act of 1974 against certain U.S. government agencies for purposes of accessing, amending or redressing unlawful disclosures of records maintained by an agency.”
The idea is that the U.S. Department of Justice could designate the EU's member states and then European citizens would have the legal recourse they desire, should their data be inappropriately accessed by law enforcement in the U.S. In an interview, European Data Protection Supervisor Giovanni Buttarelli identified this bill specifically as something that would allow the U.S. to move toward becoming “essentially equivalent” to the EU, which would address the recent ruling of the European Court of Justice (ECJ).
Further, the European Commission’s Bruno Gencarelli, head of unit for data protection in DG Justice, called passage of the Judicial Redress Act a “huge step” in moving toward a “sustainable” Safe Harbor 2.0. He said both the Commission and Commerce know that the next agreement will be brought before the ECJ in short order and that any new agreement must be able to withstand that scrutiny or it would be a “disaster.”
Finally, Věra Jourová, the commissioner overseeing Safe Harbor’s negotiations, said the bill “specifically addresses the situation” in her explanation of next steps to the European Parliament.
However, a number of privacy advocates here in Brussels are skeptical that the Judicial Redress Act will get a Safe Harbor 2.0 past the ECJ. The Privacy Act of 1974 has a number of carve-outs for law enforcement and intelligence actions. What good would this do EU citizens if they are concerned about things like the PRISM program, run by the U.S. National Security Agency (NSA), and the NSA is exempt from the Privacy Act’s provisions?
That’s a question sure to be thrown around on both continents in the days and months to come.
If you want to comment on this post, you need to login.