French official: Europe must defend privacy rights
Europe and the United States don't agree on how to strike the right balance between protecting privacy rights and battling the terror threat, the head of France's data protection watchdog said Friday.
Isabelle Falque-Pierrotin said the EU Justice Commissioner, Viviane Reding, should defend data privacy rights amid "strong" pressure from U.S. officials to get access information about European citizens for security reasons.
"In my view, notably in the international sphere and in talks with the United States, the balance between data protection and security is very strained," Falque-Pierrotin told The Associated Press in an interview.
European authorities "understand" America's concerns about terrorism in the wake of the 9/11 terror attacks, she said. But Europe "is trying to negotiate to make sure that data and Internet privacy is respected. On that matter, we're not totally aligned."
The EU said Thursday it had signed an accord with the United States over air-passenger data for flights from Europe to America that will limit what information U.S. officials can use and will improve data protection. The agreement replaces one in 2007 that the European Parliament criticized for having given U.S. authorities too much authority to view the private data of EU citizens.
Reding left Friday for the United States, where she was to meet with U.S. Attorney General Eric Holder and Homeland Security Secretary Janet Napolitano.
Falque-Pierrotin, who became the head of the French data protection authority CNIL in October, said her top priority was helping the EU revise its data protection rules, which date back to 1995.
The revision, expected to be presented in January, could have profound implications for how U.S.-based Internet giants like Facebook and Google do business in the EU — a 27-nation bloc whose combined economy is bigger than America's — and beyond.
The reform centers on two areas: the "right to be forgotten" — which would give consumers the ability to require companies to remove their data from corporate records, and "data portability" — which would allow a person to move his or her data from one service provider to another.
The EU itself has to iron out its own differences over privacy issues. Countries like France and Germany favor stronger protections for privacy, while Ireland, Britain and others prefer more market-friendly rules.
The CNIL, which has no direct U.S. counterpart, straddles issues like public security and the Internet economy. It helps ensure that the eyes of Big Brother — like the 570,000 government security cameras around France — do not infringe on people's right to privacy, or that workers aren't unfairly spied on by their employers.
Privacy issues in the Internet Age have ballooned: in 2006, the CNIL rendered just 60 rulings on data-protection appeals from the public; Last year, that figure had soared to 1,800, Falque-Pierrotin said.
In March, the CNIL handed Google its first-ever fine — euro100,000 ($140,000) for improperly gathering and storing e-mails, web browsing histories, online banking details and other data from WiFi networks as it deployed camera-mounted cars and bicycles around Europe to collect images and information for its Street View application.
Google apologized and pledged to delete the data.
"All of the studies show that citizens are beginning to worry about how their personal data is used," Falque-Pierrotin said. "Consumers are starting to evolve, mature and demand more accountability."