{"id":34114,"date":"2013-09-30T12:00:27","date_gmt":"2013-09-30T11:00:27","guid":{"rendered":"http:\/\/www.transcend.org\/tms\/?p=34114"},"modified":"2015-05-06T08:59:01","modified_gmt":"2015-05-06T07:59:01","slug":"us-websites-should-inform-eu-citizens-about-nsa-surveillance-says-report","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2013\/09\/us-websites-should-inform-eu-citizens-about-nsa-surveillance-says-report\/","title":{"rendered":"US Websites Should Inform EU Citizens about NSA Surveillance, Says Report"},"content":{"rendered":"

All existing data sharing agreements between Europe and the US should be revoked, and US web site providers should prominently inform European citizens that their data may be subject to government surveillance, according to the recommendations of a briefing report for the European Parliament<\/a>.<\/p>\n

The report was produced in response to revelations about the US National Security Agency (NSA) snooping on internet traffic<\/a>, and aims to highlight the subsequent effect on European Union (EU) citizens’ rights.<\/p>\n

The report warns that EU data protection authorities have failed to understand the \u201cstructural shift of data sovereignty implied by cloud computing\u201d, and the associated risks to the rights of EU citizens.<\/p>\n

It suggests \u201ca full industrial policy for development of an autonomous European cloud computing capacity\u201d should be set up to reduce exposure of EU data to NSA surveillance that is undertaken by the use of US legislation that forces US-based cloud providers to provide access to data they hold.<\/p>\n

Current regulations such as Safe Harbour<\/a> allow US firms to process EU data outside EU borders subject to conditions about how that data is handled. But the European Parliament report, written by British privacy expert Caspar Bowden<\/a>, says that recent revelations show that such agreements are no longer sufficient, citing US legislation such as the Patriot Act and Foreign Intelligence Surveillance Act (FISA).<\/p>\n

\u201cSince the main mechanisms for data export [such as] model contracts [and] Safe Harbour, are not protective against FISA or Patriot, they should be revoked and renegotiated,\u201d said the report.<\/p>\n

To put pressure on the US government, the report recommends that US websites should ask EU citizens for their consent before gathering data that could be used by the NSA.<\/p>\n

\u201cProminent notices should be displayed by every US web site offering services in the EU to inform consent to collect data from EU citizens. The users should be made aware that the data may be subject to surveillance by the US government for any purpose which furthers US foreign policy,\u201d it said.<\/p>\n

\u201cA consent requirement will raise EU citizen awareness and favour growth of services solely within EU jurisdiction. This will thus have economic impact on US business and increase pressure on the US government to reach a settlement.\u201d<\/p>\n

Other recommendations include the EU offering protection and rewards for whistleblowers, including \u201cstrong guarantees of immunity and asylum\u201d. Such a move would be seen as a direct response to the plight of Edward Snowden, the former NSA analyst<\/a> who leaked documents that revealed the extent of the NSA\u2019s global internet surveillance programmes.<\/p>\n

The report also says that, \u201cEncryption is futile to defend against NSA accessing data processed by US clouds,\u201d and that there is \u201cno technical solution to the problem\u201d. It calls for the EU to press for changes to US law.<\/p>\n

\u201cIt seems that the only solution which can be trusted to resolve the Prism affair must involve changes to the law of the US, and this should be the strategic objective of the EU,\u201d it said.<\/p>\n

The report was produced for the European Parliament committee on civil liberties, justice and home affairs, and comes before the latest hearing of an inquiry into electronic mass surveillance of EU citizens<\/a>, due to take place in Brussels on 24 September.<\/p>\n

European commission vice-president Neelie Kroes warned recently that US cloud service providers could suffer loss of business<\/a> in light of the Prism revelations.<\/p>\n

“If businesses or governments think they might be spied on, they will have less reason to trust cloud and it will be cloud providers who ultimately miss out,\u201d she said.<\/p>\n

Read more on NSA internet surveillance<\/b><\/p>\n