The European Union's chief justice official has written to the US attorney general demanding an explanation for the collection of foreign nationals' data through its Prism spy programme.
In a letter seen by Reuters, the European commissioner for justice and fundamental rights, Viviane Reding, said she had serious concerns about the possibility that US authorities had accessed European citizens' data on a vast scale.
Reding has pushed hard for stronger privacy rules in Europe throughout her mandate. In 2012, she sought to introduce measures that would have set up barriers for foreign judicial authorities to access data about European citizens.
EU concerned about US data spying (Image Credit: Getty Images)
But EU officials say the proposals were diluted by her counterparts in the European Commission, the EU executive, because of concerns such laws would strain relations with the United States at a time when the EU was preparing for talks on a free-trade deal with Washington.
“I would request that you provide me with explanations and clarifications on the PRISM programme, other U.S. programmes involving data collection and search, and laws under which such programmes may be authorised,” Reding wrote to Attorney General Eric Holder.
US officials have confirmed the existence of a secret programme to draw data from the Internet, code-named Prism, which according to documents leaked to the Washington Post and Britain's Guardian newspaper has given them access to data from firms such as Google
Reding has tried to make it more difficult for US authorities to obtain data from European telecoms and technology companies by introducing stricter requirements such as the approval from a judicial authority.
“In-house people didn't want to create any possible tension with the US,” an EU official said, referring to opposition inside the European Commission to Reding's proposals in 2012.
Holder and Reding will meet in Dublin on Friday at a scheduled ministerial gathering.
In her letter, Reding asks Holder to explain whether EU citizens were targeted under Prism, how broad US access to the data would have been and how EU companies and citizens can appeal against the monitoring of their private correspondence.
EU officials have for several years asked the United States to explain how laws such as the Patriot Act and the Foreign Intelligence Surveillance Amendment Act affect EU citizens and companies. The European Parliament, in particular, has become vocal about limiting data sharing and protecting privacy.
Since 2011 the European Commission has tried to negotiate a transatlantic data protection agreement that would limit US access to European data. The talks have stalled partly over the issue of what rights EU citizens had on US soil, a commission official told Reuters earlier this week.
EU officials also are debating whether data protection should be included in negotiations for an EU-US free-trade deal on which formal talks are expected to begin next month. European businesses have warned that without legal certainty, technologies which rely on data protection such as cloud computing will not be able to grow in Europe.
Companies considering adopting cloud technology still cite security as their biggest concern and European officials say they are aware that Europe's cloud market hinges on privacy. “The storage of the data in the foreign servers and related legal uncertainty constitutes a real impediment,” a Commission official said. Lobby groups in Brussels say they need to know which set of laws – EU or US legislation – they should follow.