Earlier today, in a brisk memo (reproduced in its entirety below), EU Vice President Viviane Reding called EU data protection reform “the answer to PRISM” and called PRISM a “wake-up call.” She itemized the need for broad jurisdiction and enforcement, and stated that governments collecting data on EU citizens outside their territory never should obtain it directly from a company but should function only under judicial control. It is not clear whether the FISA Court in the US would satisfy that standard or whether the “judicial control” envisioned is the from the EU citizens’ home country. In the Hogan Lovells White Paper published in May, we explained that the governmental access without judicial approval Ms. Reding laments actually occurs in various jurisdictions in the EU itself.
Vice President Reding also said that the EU-US Safe Harbor “may not be so safe after all” and warned that the Commission will present a “solid assessment” of the Safe Harbor by the end of the year.
In contrast, a little over one year ago, Ms. Reding was a party to this statement:
The European Union and the United States are global leaders in protecting individual freedoms, including privacy, while at the same time fostering innovation and trade that are so critical to the world economy, notably in the present times. Stronger transatlantic cooperation in the field of data protection will enhance consumer trust and promote the continued growth of the global Internet economy and the evolving digital transatlantic common market. (Joint Statement on Data Protection by European Commission Vice-President Viviane Reding and U.S. Secretary of Commerce John Bryson, Mar. 19, 2012)
The starkness of today’s statement suggests that Vice President Reding has reevaluated her views and is renewing her efforts to have the proposed EU Data Protection Regulation enacted while questioning the continued viability of the EU-US Safe Harbor.