AG Außenpolitik/Datentransfer EU USA

Consultation on the future EU-US international agreement on personal data protection and information sharing for law enforcement purposes

Datei:Consultation questionaire en.pdf
Das sind die Fragen der EU an (in diesem Fall) Organisationen:

1. Purpose

What should be the purpose(s) of the agreement? Should the agreement only establish data protection standards for EU-US law enforcement cooperation?
Or should it address also wider issues related to the processing and transfer of personal data in the context of transatlantic law enforcement cooperation, e.g. reciprocal information transfer or impact on relations with other third countries?

1. Scope of the agreement
   1. Material scope

• Should the agreement cover personal data protection when information is transferred that pertains to police cooperation in the area of freedom, security and justice (Title V chapter 5 of the Treaty on the Functioning of the European Union (TFEU)?
• Should it also cover personal data protection when information is transferred in the course of judicial cooperation in criminal matters (Title V chapter 4 TFEU)?
• Should it also be applicable to the transfer of personal data in the context of other Union policies within the area of freedom, justice and security, i.e. the security elements of immigration, visa, asylum and civil law cooperation?

1. 1. Personal scope

• Should the agreement only cover government-to-government transfers of information?
• Or should it also be applicable to transatlantic transfers of personal data from private entities to law enforcement authorities? If so, should the conditions on private – public data transfers be in any way different from the government-to-government transfers?

1. Nature of the agreement:

Should the agreement include a provision to the effect that EU and US law enforcement authorities may request from each other the same types/categories of information and personal data (reciprocity)?

1. Data Protection Principles
   1. Accountability

Should the agreement provide for modalities and consequences of "accountability", e.g. internal and external review procedures? Should the agreement notably provide for a joint review mechanism?

1. 1. Individual Access

• Should the agreement spell out the conditions for the right to access one's own personal data?
• If there is no possibility to directly access one's own personal data for justified reasons, should the agreement provide for the possibility of indirect verification through an independent authority responsible for the oversight of the processing in the sending or recipient country?

1. 1. Single contact points

• Should the agreement provide for a single contact point in the US in case of data protection concerns related to data transferred from the EU?
• Should the agreement provide for a single contact point in the EU in case of data protection concerns related to data transferred from the US?
• Should the modalities for transparency and assistance to data subjects by US and EU data protection supervisory authorities be spelled out in the agreement?

1. 1. Judicial redress

• Should the agreement lay down provisions for effective access to courts for data subjects that believe that their data protection rights have not been respected? How could this be achieved?
• Should laws which discriminate in respect of access to the courts on grounds of nationality or residence be amended?

1. Any other comment

You may introduce here any other comment you would like to make on the future European Union (EU) - United States of America (US) international agreement on personal data protection and information sharing for law enforcement purposes.