apr 052017

Dear Commissioner,

With this letter I would like to share with you key recommendations regarding the negotiation phase of Transatlantic Trade and Investment Partnership (TTIP), which aims at removing trade barriers in a range of economic sectors[1]. When negotiations are completed, this United States of America (US) and the European Union (EU) agreement would be the largest bilateral deal concluded[2]. As a result, TTIP regulations should be carefully negotiated, because it will have an effect not only on the procedural aspects of the trade, but also on the voluntary data protection standards. Attention should be paid to the current differences between regulations in the field of protection of personal data. Therefore, prior to accepting the terms of TTIP agreement, considerations should be given to identification and implementation of privacy standards as well as its successful monitoring, since the private EU customer information will be more accessible to the US businesses with the expected ease of an increased trade. I would like to recommend to the Commission not to aim at achieving the regulation with the lowest common denominator[3] or simply harmonizing the regulations in the sphere of data protection by adopting the US data protection regulation, but to make efforts to encourage the further recognition of an adequate level of privacy protection, which has been laid down in the Data Privacy Directive[4], which consequently served as a legal basis for the Safe Harbor Privacy Principles[5]. As a result, the Commission should not underestimate the importance of Safe Harbor privacy principles. Participation in the Safe Harbor creates a presumption that the US organization provides an adequate level of privacy protection and qualifies the company to receive data from EU Member States[6].

Technology has redefined the parameters of privacy protection. We are firmly convinced that TTIP will stipulate more trade related activities conducted by means of e-commerce. As we have been aware of mass surveillance by the US, there is a threat that our fundamental right to privacy will be infringed upon as a result of TTIP agreement. There is a wide difference in the perception of privacy between the US and EU. The constitutions of many national governments of the EU contain a right to privacy, while there is no specific language about privacy in the US Constitution, where the right to privacy has only been protected by the US courts in the exceptional circumstances[7]. Therefore, a non-compliance with Harbor Privacy Principles by the US side should make the EU suspicious in the future trade-related regulations, where the future protection of privacy of its citizens can be questioned.

The ‘immediate suspension’ as proposed by the MEPs should not be interpreted as proclaiming the Safe Harbor Principles being no longer valid, because this would constitute an inevitable situation where there will be no possibility to book a flight to the USA or make a transatlantic purchase through the Internet, for instance, without infringing a EU law. While the NSA revelations have complicated the negotiating process between the US and the EU regarding the compliance with the data protection legislation, there is a shared interest in ensuring a stable environment for the online marketplace. The establishment of the Working Group on Cyber security and Cybercrime is a clear example of effort to establish joint principles on ICT, with a view that this group will lead to the future development of e-commerce between the EU and the US. The constructive dialog between two sides of the TTIP agreement should be conducted. National security concerns should be addressed through appropriate diplomatic channels. As the German Chancellor Merkel stated that TTIP negotiations should not come to an end, because of NSA leaks, as it would not be ‘helpful’ and ‘the German-American and the transatlantic partnership remain of paramount importance’ for Germany, the European Union as well as the United States of America.

It is highly recommended for the European Commission, in order to ensure that personal data is collected only under strict conditions and for legitimate purposes, in the cases where a particular company fails to adhere to the principles listed in the more transparent Safe Harbor Principles, an immediate sanctions and a way of redress for an individual, who is not a resident in the US, should be provided. As we have been aware of from the findings of the Working Group[8], currently, Europeans are not able to benefit from the safeguards provided under the US national legislation. As a result, EU citizens are faced with ‘lower safeguards as well as lower threshold for the collection of their personal data’. The Commission is strongly asked to propose guidelines for the future development of the adequate level of protection, which should not be lower by those afforded to the US citizens or legal residents. Moreover, since many of the orders of the Foreign Surveillance Intelligence Court are undisclosed to public and referred to as secret, there is no possible transparency of the data available neither to EU or US subjects. Individuals are not able to obtain access, rectification or erasure of data, as well as administrative and judicial redress. When the US Security Agencies or Foreign Intelligence Surveillance Court initiates data collection or store private information, a clear legal basis should be provided. Presently there is no clear legal basis, which authorizes the US governmental agencies to store and collect the private data of the 3rd country nationals. The existence of surveillance programs as well as their limitations should be clearly negotiated between the EU and US.

I believe that the above-mentioned suggestions will facilitate an effective outcome of the TTIP, which will promote friendly relations where privacy rights of both parties will be sufficiently respected.

Written by Anna Grigorjeva

[1] Jeffrey Schott and Cathleen Cimino, ‘Keys to negotiating the transatlantic trade and investment partnership’ (2013) 48 Intereconomics: Rev of Intl Trade and Development, 263.

[2] Ibid.

[3] Barbara George, Patricia Lynch and Susan Marsnik, ‘US Maltinational Employers: Navigating through the ‘Safe Harbour’’ (2001) 38 American Business LJ, 741. The concept of ‘privacy’ is affected by cultural factor. Europeans prefer a strong data protection, while the American counterparts have little protection data legislation on the national and federal level.

[4] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [1995] OJ L281/31.

[5] Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) [2002] OJ L201/37.

[6] Barbara George, Patricia Lynch and Susan Marsnik, ‘US Maltinational Employers: Navigating through the ‘Safe Harbour’’ (2001) 38 American Business LJ, 737.

[7] Ibid, 742. The First and Fourteenth Amendment often interpreted by the Federal Court of the US as granting a right to privacy to the individuals, although implicitly.

[8] Duncan Matthews, ‘Negotiating the IP Chapter of an EU-US Transatlantic Trade and Investment Partnership: Let’s not Repeat Past Mistakes’ (2013) 44 IIC: Intl Rev Industrial Property and Copyright L, 491.

Wrtitten by Anna Grigorjeva