News

USIS Washington 
File

01 December 1998

U.S. AND EU OFFICIALS PRESS AHEAD WITH TALKS ON DATA PRIVACY

(U.S. negotiators hope for significant progress in January ) (590)

By Merle D. Kellerhals, Jr.

USIA Staff Writer



Washington -- United States and European Union (EU) officials met
December 1 to continue discussions on complex data privacy laws with
the United States pressing for a closer resolution of the issue by
late January, a senior Commerce Department official says.


The official, speaking on background, said December 1 that U.S.
Commerce Under Secretary David Aaron and John Mogg, the European
Commission's director general for the Single Market, reaffirmed their
objective of seeking a final agreement on data privacy.


"We have really made, I think, enormous progress on some of the
fundamental concepts that are necessary to reconcile the two different
systems," the official said. But, he added, that the hope is for
"significant progress by the end of January" when the two officials
meet again.


At issue between the United States and European Union is how best to
manage the transfer of private data on individuals, especially
electronically. The EU's comprehensive privacy legislation, the
Directive on Data Protection, which became effective on October 25,
1998, prohibits the transfer of personally identifiable data to third
countries that do not provide an "adequate" level of privacy
protection. The United States relies largely on a sectoral and
self-regulatory approach, rather than legislative, to assure privacy,
the Commerce Department said.


The United States has proposed a system known as "Safe Harbor."
Essentially, U.S. organizations could come within the safe harbor by
self certifying that they voluntarily adhere to seven privacy
principles, the Commerce Department said. These principles were
released for public comment two weeks ago by the Commerce Department.


However, European Union countries have not accepted the proposed safe
harbor plan proposed by the United States. The Commerce official said
that at present "data will not be interrupted so long as we are
negotiating seriously about this issue. The decision of the European
Union was to do what they could to refrain from any data interruption
so long as we were negotiating in good faith, and we are negotiating
in good faith. So, there's been no deadline that's been set on that."


The official said that there are a number of technical questions that
still need to be addressed in the negotiations.


"But essentially, they revolve around the question of access -- of a
person's ability to access information about them that may be held by
a company. The question of monitoring the adherence to the safe harbor
principles," he said. And, he said the "question of whether existing
laws and regulations that some of our industry sectors are subject to
provide adequate privacy protection."


Both sides have agreed to, in principle, the setting up of an
independent body to arbitrate disputes between the two bodies, he
said.


"There are two different aspects to that," he said. "One is that we
have agreed that there should be an independent dispute settlement
mechanism."


However, the difference is over whether, in addition to that, U.S.
companies should have to have an independent auditing or monitoring
body to assure the Europeans that they are adhering to safe harbor
principles, the official said. "Our view, frankly, is that the
Europeans have no such body to assure that European companies are
adhering to the European data directive, and so our companies should
not have to carry this additional burden."