US to EU – PRISM isn’t mining Europeans’ personal data in bulk

Vivane Reding
Vivane Reding

Vivane Reding

Europe wants to know to what extent the US National Security Agency (NSA) is tapping into internet companies to spy on its citizens – and has received an assurance that Europeans’ personal data at least isn’t collected indiscriminately.

A series of leaks this month by 29-year-old security contractor Edward Snowden revealed the NSA’s widespread collection of Verizon telephone records in the US and a data collection programme named PRISM that taps into companies including Google, Facebook, Apple, Skype and Microsoft.

The big question for Europe is whether either programmes breaches its citizens’ data privacy rights. On Friday in Dublin, European Justice Commissioner Vivane Reding (picture above) received some answers from US Attorney-General Eric Holder. From her official post-meeting statement:

First, on the Verizon question, the information I received today is that it is a US project, directed mainly towards US citizens. It is about metadata, not about content. It is about bulk, not about individuals. And it is based on court orders and congressional oversight.

Having heard this, I consider that this is mainly an American question – if Eric Holder confirms this.

Considering PRISM, the US answers to the questions I have raised were the following: It is about foreign intelligence threats.

PRISM is targeted at non-US citizens under investigation on suspicion of terrorism and cybercrimes. So it is not about bulk data mining, but specific individuals or targeted groups. It is on the basis of a court order, of an American court, and of congressional oversight.

She welcomed Holder’s proposal to set up a meeting of US and EU experts to clarify remaining matters – “and I think there are remaining matters”.

One possible question still to be answered: Have data sharing partnerships with the US allowed European governments to collect data about their citizens in ways that would be illegal at home? The UK’s spies are the most likely suspects due to historic security agreements – but British foreign secretary William Hague has dismissed such allegations as “fanciful”.

European Parliament lawmakers suggested last week that the PRISM revelations could affect existing EU-US data sharing agreements. The US and EU are currently working on a new umbrella agreement for data exchange and protection.

Image credit: 
Vivane Reding: Flickr user Veni Markovski


Europe takes a stand on Prism scandal
Google antitrust smack-down in Europe – have your say on proposals
Google pushed to change tactics after European Commission anti-trust investigation