MEPs vote to halt EU-US data agreement

The EU should suspend cooperation with the US on tracking the finances of suspected terrorists, at least while the US allegedly spies on the data of EU citizens.

That is according to the European Parliament which yesterday adopted a resolution calling for a tough response to allegations the US National Security Agency had tapped EU citizens’ bank data held by the Belgian company Swift.

Under the Terrorist Finance Tracking Program agreement with the US the EU allows access to some data held by financial institutions in a bid to identify, track and foil the financing of terrorist activities.

However the US authorities’ access is strictly limited and if proven, accessing the Swift information would constitute a breach of the EU-US agreement.

MEPs also criticised EU member states, saying no state has yet investigated the allegations which appeared in the media last week. They urged EU countries to authorise an inquiry using Europol’s Cybercrime Centre.

The resolution also calls for a “full on-site technical investigation” of allegations of the US authorities having created possible “back doors” into the Swift servers.

A Civil Liberties Committee special inquiry into the mass surveillance of EU citizens should also continue to look into the allegations, adds the text.

In the course of the debate many speakers stressed any data-sharing agreement with the US should be based on a citizens’ data protection framework, offering legally-binding standards on purpose limitation, abuse, correction, erasure and redress.

While the parliament has no formal powers to break or even suspend the international agreement, MEPs claimed the EU Commission “would have to act” if Parliament withdraws its support . The text of the resolution added that parliament would take account of the commission’s response to this demand when considering whether to give its consent to future international agreements.

The resolution, tabled by the S&D, ALDE and Greens/EFA groups, was passed by 280 votes to 254, with 30 abstentions.

The adoption of the resolution followed approval on Tuesday of a separate plan for a major overhaul of current EU data protection rules.

This plan agreed by the parliament would make consent a requirement before an individual’s data was used by third parties.

Individuals would also have the right to erasure of electronic data, and increased fines would be put in place for firms that break the rules.

Meps also set limits to profiling, a practice used to analyse or predict a person’s performance at work, economic situation, location, health or behaviour.

Critically the new proposals would clarify and standardise the position across the 28 member states.

The parliament will now start negotiations with EU governments on these measures and data protection is to be on the agenda for the summit of EU leaders which begins today.