Contrary to EUs comprehensive data protection legislation, protection of privacy in the United States relies not only on federal and state legislation and regulation but also on private-sector regulation. The US Constitution’s First amendment protects citizens’ freedom of speech and the Fourth amendment protects citizens’ freedom of speech and right to privacy in relation to the government, both in their homes, as well as on electronic devices as noted in a recent case law. There are of course several exceptions like border searches and Foreign Intelligence Suveillance.
The right to privacy in the US has also been recognised by the Supreme Court as in the case Griswold v. Connecticut.
Different States offer different levels of protection of privacy. California’s constitution states that all people have “inalienable rights” among them to “pursuing and obtaining safety, happiness, and privacy”. The Privacy Act of 1974 (5 U.S.C. § 552a) is the main personal data protection law. It safeguards privacy for records held by US government agencies and requires them to apply “fair information practices”, restricts data sharing for individuals and allow citizens and lawful residents to sue the government in case of violation. The Freedom of Information Act (FOIA) gives the right for anyone to access US public records, although there are exemptions, including the protection of privacy.
Furthermore the Private Protection Act of 1980 aims at protecting journalists’ sources. In addition there are a number of laws designed to protect health information, financial information, credit reporting and children. Following 9/11, with the adoption of a number of provisions in the USA Patriot Act, it became easier for law enforcers to obtain private records by changing a number of the abovementioned laws.
The European Union and the United States have a number of agreements with regards to data protection. (An overview of Data protection in the EU is described in the European Parliament’s Fact Sheets on the European Union). The EU-US Safe Harbour framework tries to accommodate the differences between the EU and US approach, in order to make it easier for US companies to work in the EU. This, however, has been criticised from the beginning by both the European Parliament; in particular in its resolutions on 5 July 2000, 4 July 2013 and 12 March 2014, by the European Data Protection Supervisor, and by Civil Society organisations like Statewatch, Future of Privacy Forum (FPF) and Center for Digital Democracy (CDD).
EU-US Summit – Joint Statement, Brussels, 26 March 2014
12. The transatlantic digital economy is integral to our economic growth, trade and innovation. Cross border data flows are critical to our economic vitality, and to our law enforcement and counterterrorism efforts. We affirm the need to promote data protection, privacy and free speech in the digital era while ensuring the security of our citizens. This is essential for trust in the online environment.
13. We have made considerable progress on a wide range of transnational security issues. We cooperate against terrorism in accordance with respect for human rights. Agreements such as the Passenger Name Record and Terrorist Finance Tracking Programme that prevent terrorism while respecting privacy are critical tools in our transatlantic cooperation. We will strengthen our coordination efforts to prevent and counter violent extremism. We will continue looking for appropriate mechanisms to counter the threats posed by fighters departing to Syria and other unstable regions, who return home where they may recruit new fighters, plan and conduct terrorist operations. We also work to address the threats posed by activities of groups contributing to instability in these regions. We welcome our increasingly close cooperation in building the capacity of partner countries to counter terrorism and violent extremism within a framework of rule of law, particularly in the Sahel, Maghreb, Horn of Africa region and Pakistan. We pledge to deepen and broaden this cooperation through the United Nations, the Global Counterterrorism Forum, and other relevant channels. We have also decided to expedite and enhance cooperation on threats directly affecting the security of EU and US diplomatic staff and facilities abroad.
14. Data protection and privacy are to remain an important part of our dialogue. We recall the steps already taken, including the EU-US ad hoc Working Group, and take note of the European Commission Communication of 27 November 2013 and President Obama’s speech and Policy Directive of 17 January 2014. We will take further steps in this regard. We are committed to expedite negotiations of a meaningful and comprehensive data protection umbrella agreement for data exchanges in the field of police and judicial cooperation in criminal matters, including terrorism. We reaffirm our commitment in these negotiations to work to resolve the remaining issues, including judicial redress. By ensuring a high level of protection of personal data for citizens on both sides of the Atlantic, this agreement will facilitate transfers of data in this area. The United States and the EU will also boost effectiveness of the Mutual Legal Assistance Agreement – a key channel of cooperation in the digital era. In addition, we are committed to strengthening the Safe Harbour Framework in a comprehensive manner by summer 2014, to ensure data protection and enable trade through increased transparency, effective enforcement and legal certainty when data is transferred for commercial purposes.
Factsheet on the EU-US negotiations on the so-called ‘Data Protection Umbrella Agreement’, June 2014
Communication on the Functioning of the Safe Harbour from the Perspective of EU Citizens and Companies Established in the EU, COM/2013/0847 final, 27.11.2013
What we need to make TTIP work / Karel De Gucht, European Commissioner for Trade, German Economy Ministry Conference on the Transatlantic Trade and Investment Partnership, Berlin, 5 May 2014
“The third value we need to protect is privacy. Data protection is a fundamental right in the European Union, so this agreement can do nothing to undermine it – legally or morally. That is exactly how we are working. We are trying to facilitate trade in the digital economy which is so important for our future. But we will not be doing anything to change Europeans’ rights to privacy.D on’t get me wrong – there are issues between the EU and the US to be resolved. But they need to be tackled outside the framework of these talks.”
Spying affair and the TTIP free trade agreement / Question for written answer to the Commission Rule 117 Angelika Werthmann (ALDE), 12 November 2013 with answer from Mr De Gucht on behalf of the Commission, 10 February 2014
“the Commission expects that in parallel solutions will be found to restore trust in EU-US data flows. In pursuing this approach, the Commission has been supported by the European Parliament, whose resolution on the US NSA surveillance programme did not call for a delay of the TTIP negotiations, and by the Member States. The Commission set up, together with the Presidency of the Council of the EU, an ad-hoc high-level EU-US working group on data protection to examine these issues further”
“Stepping up a gear“: Press Statement by EU Trade Commissioner Karel De Gucht following the stocktaking meeting with USTR Michael Froman on the Transatlantic Trade and Investment Partnership (TTIP), 18 February 2014
Let me be clear on this very important point: we are not lowering standards in TTIP. Our standards on consumer protection, on the environment, on data protection and on food are not up for negotiation. There is no “give and take” on standards in TTIP.
And we are happy to be scrutinized on this: no standard in Europe will be lowered because of this trade deal; not on food, not on the environment, not on social protection, not on data protection. I will make sure that TTIP does not become a ‘dumping’ agreement.
EU Chief Negotiator says EU-US trade deal not about deregulation, as third round of talks end in Washington, 20 December 2013
However, Mr Garcia Bercero was at pains to point out that: “TTIP is not and will not be a deregulation agenda.” He said neither side intended to lower its high standards of consumer, environment, health, labour or data protection, or limit its autonomy in setting regulations.
Towards a more dynamic transatlantic area of growth and investment / Viviane Reding, Vice-President of the European Commission, EU Justice Commissioner, 29/10/2013
“I warn against bringing data protection to the trade talks. Data protection is not red tape or a tariff. It is a fundamental right and as such it is not negotiable.”
Once a single, coherent set of rules is in place in Europe, we will expect the same from the US. Inter-operability and a system of self-regulation is not enough. Including a legal provision on judicial redress for EU citizens, regardless of their residence, in the forthcoming US Privacy Act is an essential step towards restoring trust among partners.
TTIP negotiations following the PRISM scandal / Question for written answer to the Commission Rule 117 Alda Sousa (GUE/NGL) , Marisa Matias (GUE/NGL), 18 July 2013 with answer by Mrs Reding on behalf of the Commission, 30 September 2013
“PNR and TFTP Agreements with the US promote and protect the European Union’s common security interests and the fundamental rights of EU citizens. Review of the PNR Agreement was undertaken recently and its report will be submitted to the European Parliament in due time. Two regular joint-reviews of the EU-US TFTP Agreement in 2011 and 2012 assessed the implementation of the safeguards applicable to the processing of Provided Data and considered the measures taken as adequate. A joint report pursuant to Article 6(6) of the agreement is under preparation. The Commission has requested consultations under A 19 TFTP
Data protection reform: restoring trust and building the digital single market / Viviane Reding, Vice-President of the European Commission, EU Commissioner for Justice, 4th Annual European Data Protection Conference /Brussels, 17 September 2013
A. Data Protection Reform and PRISM — C. The EU-US Relationship
Statement by President Barroso on the Transatlantic Trade and Investment Partnership, 3 July 2013
In parallel, it is important to address concerns that have been clearly expressed on the European side on some intelligence activities and also on the implication for privacy and data protection at European level. So what I can say we have agreed today is the following: we are committed to the Transatlantic Trade and Investment Partnership, but we expect that in parallel we have work in the EU-US working groups that will analyse the oversight of the intelligence activities, intelligence collection and also the question of privacy and data protection.
Chamber Wants TTIP To Ease Data Flows Without Altering EU Regime / Inside U.S. Trade, March 6 2014
The U.S. Chamber of Commerce is pushing for provisions in a trans-Atlantic trade deal to ease cross-border data flows in part by broadening the ways by which U.S. firms can comply with the European Union’s data privacy requirements, though it does not intend to use the trade talks as a vehicle to seek changes to the underlying EU regime
Ruling concerning the validity of Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC (OJ 2006 L 105, p. 54). In Joined Cases C‑293/12 and C‑594/12, 8 April 2014
The central task of the Members Research Service is to ensure that all Members of the European Parliament are provided with analysis of, and research on, policy issues relating to the European Union, in order to assist them in their parliamentary work.
Combating corruption in the European Union
2024 European elections: National rules
Plant reproductive material [EU Legislation in Progress]
Relations ahead of the 24th EU-China summit
EU-New Zealand free trade agreement – One step closer to ratification [International Agreements in Progress][Policy Podcast]
What if the EU was energy independent? [Science and Technology Podcast]
BEFIT – Business in Europe: Framework for income taxation [EU Legislation in Progress]
Continuation of the Partnership for Research and Innovation in the Mediterranean Area [EU Legislation in Progress]
CO2 emissions of new cars and vans
Youth participation in European elections
Circularity requirements for vehicle design and management of end-of-life vehicles [EU Legislation in Progress]
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
The present website is hosted by WordPress.com, a service by Automattic. Automattic is a global company with thousands of servers located in several separate data centres around the world. While Automattic takes care of the security of the platform, we, the European Parliamentary Research Service, own the content of the blog. For more detailed information about the compliance of Automattic products and services with the EU General Data Protection Regulation (GDPR), please see their dedicated page.
We do not collect any personal data that could identify an individual user. The users that are registered in WordPress.com should consult wordpress.com terms of service. We do collect anonymised aggregate data for statistical purposes. The data collected for this purposes include: number of visits/visitors per page, the country of the user, and aggregate numbers of incoming and outgoing clicks.
We determine unique page counts by using a “hashed” version of the visitor’s IP address. The visitor’s full IP address is deleted from our logs after a little over a month. That timeframe is how long the data is needed in order to allow us to calculate your stats on a monthly basis and no longer.
We collect your email address only if you proactively requested to be notified about the updates on the blog. You can always contact us to remove your email address from our records or unsubscribe from the notification service.
We can also see your name and email address if you made a comment to one of our posts. We do not make the email address visible on the comment. Nevertheless, on request, we can delete your comments.
We collect cookies only to facilitate your browsing experience, such as enabling you to share our posts via social media or comment on the post. The majority of cookies will be used only if you are a registered WordPress.com user. In this case, you are bound to WordPress.com terms of service.
Some pages embed content from third parties. In this case, you will need to actively consent to their terms in order to see the content.