Europe's top privacy watchdog and the digital agenda commissioner both said Monday that more transparency and trust is needed between the European Union and the U.S. following reports of widespread data collection by the U.S. National Security Agency.
Cybersecurity is not an excuse for the unlimited monitoring and analysis of the personal information of individuals, said Peter Hustinx, the European data protection supervisor.
"If the E.U. wants to cooperate with other countries, including the U.S.A., on cyber security, it must necessarily be on the basis of mutual trust and respect for fundamental rights, a foundation which currently appears compromised," said Hustinx in a statement, released along with his formal Opinion on the Cyber Security Strategy. His formal opinion must be considered by the European Commission in drawing up legislation.
He went on to criticize the E.U.'s Cyber Security Strategy, which was put forward by the European Commission in February. Hustinx said the strategy is not clear on how data protection principles will be applied in practice and that it fails to take due account of the proposed Data Protection Regulation and the eTrust Regulation.
Meanwhile, Digital Agenda Commissioner Neelie Kroes, who was among those to propose the Cyber Security Strategy, agreed that the U.S. needs to be "more transparent with Europeans about what has been going on.
"Personally I don't like the idea of data localization—the idea that data has to be stored where it is gathered. But let's not be naïve. The Prism debate will definitely increase calls for a European cloud, with a range of possible consequences for American companies," she said in a speech to the American Chamber of Commerce in Brussels.
But Hustinx says that the E.U.'s solution to protecting data while ensuring security falls short. He said the strategy does not take into account the importance of privacy by design with the result that the strategy is "not as effective and comprehensive as the Commission intends it to be."