European Union privacy regulators are probing possible violations of the bloc’s data protection rules through the large-scale surveillance of people’s data by US spy programs such as Prism.
Recent disclosures on how US intelligence agencies collect data of foreign nationals are of great concern, Jacob Kohnstamm, head of the group of 28 EU privacy watchdogs, said in a letter to the bloc’s Justice Commissioner Viviane Reding.
The group considers it is its duty to also assess independently to what extent the protection provided by EU data protection legislation is at risk and possibly breached.
Former US National Security Agency contractor Edward Snowden, who faces US espionage charges, revealed in June that the government secretly collected telephone records of millions of US customers of Verizon Communications Inc. under a classified court order. Prism, another program, collects Internet data from Apple Inc., based in Cupertino, California, Google Inc., based in Mountain View, California, and other companies.
Even though some clarifications have been given by the United States’ authorities, many questions as to the consequences of these intelligence programs remain, Kohnstamm, chairman of the Article 29 Data Protection Working Party, said in the letter, dated 13 August and published on Friday. The group identified a list of issues of concern and questions that need to be answered as soon as possible.
Reding said in June that US Attorney General Eric Holder provided assurances about the Prism surveillance program amid concerns over its impact on EU citizens. “The EU’s questions about the once-secret program have been answered very clearly by Eric Holder,” she said at the time.
Mina Andreeva, a spokeswoman for Reding, said the commissioner welcomes the strong support from the Article 29 Working Party.
“The European Commission calls on the national data protection authorities in the EU group to ensure that the governments in each country support data protection regulation that is also effectively enforceable in PRISM-type situations, “ Andreeva said.
“The privacy regulators want information on what data the US is collecting, ” Kohnstamm said.
Allegedly the collection of personal data takes place both on a very large scale as well as on a structural and/or systematic basis, allowing the NSA, FBI, CIA and/or other intelligence and law enforcement agencies continuous access, Kohnstamm said, referring to the US Federal Bureau of Investigation and the Central Intelligence Agency.
“The EU group has doubts whether the seemingly large-scale and structural surveillance of personal data that has now emerged can still be considered an exception strictly limited to the extent necessary”, said Kohnstamm.
He said that apart from investigating the intelligence programs used by the US, the EU group will also assess any effects of the Prism program and the information derived from it on Europe. BLOOMBERG