Data Commissioner will not probe tech companies over NSA

Thursday 25 July 2013 15.47
The Data Protection Commissioner said tech companies were covered by Safe Harbour rules
The Data Protection Commissioner said tech companies were covered by Safe Harbour rules

The Office of the Data Protection Commissioner has said it will not investigate Apple or Facebook over the transferring of personal data to a US spy agency because they have signed up to EU privacy principles.

The watchdog had been challenged by an Austrian student activist group to investigate allegations that the US National Security Agency harvests emails and other private data from the companies in a mass electronic surveillance programme known as Prism.

In an email published by the student group ‘europe-v-facebook’ the ODPC said the companies were covered by 'Safe Harbour', a system that allows US firms to certify themselves as compliant with EU data protection law by signing up to a set of principles supposed to safeguard how personal data are used.

The European Union adopted Safe Harbour in 2000, seven years before the NSA began the Prism programme that was revealed by fugitive intelligence contractor Edward Snowden last month.

"We do not consider that there are grounds for an investigation under the Irish Data Protection Acts given that 'Safe Harbour' requirements have been met," the ODPC wrote to europe-v-facebook.

An spokesperson for the commissioner told Reuters: "If something is agreed by the European Commission for the purpose of providing safeguards, that ticks a box under our jurisdiction."

Max Schrems, the founder of europe-v-facebook, said: "We have the impression that the ODPC is trying to simply ignore the complaints and the whole Prism scandal."

The 25-year-old law student is also awaiting responses to complaints he has filed against Yahoo in Germany and Microsoft and Skype in Luxembourg.

Snowden's leaks about NSA eavesdropping methods have caused widespread outrage among both friends and foes of the United States.

Freedom-of-expression group Index on Censorship has launched a petition together with five other campaign groups calling on European heads of government to discuss the issue at their next summit in October.

US technology companies like Microsoft, which are restricted by law as to what they can disclose about their involvement, say they have not given direct access to their servers to any government agency, and have only provided user information in accordance with the law.

The Snowden affair has raised questions about the efficacy of Safe Harbour.

The data protection commissioner for the German state of Bremen has called for the European Commission to suspend it indefinitely in light of the "excessive surveillance by foreign secret services".

Viviane Reding, the European Commissioner for Justice, Fundamental Rights and Citizenship said this month: "The Safe Harbour agreement may not be so safe after all."

A spokeswoman for her office said the Commission was working on an assessment of the agreement, which it would present by the end of the year.