BETA

25 Amendments of Sophia IN 'T VELD related to 2018/2645(RSP)

Amendment 1 #

Citation 9 a (new)
- Having regard to the response letter by Article 29 Data Protection Working Party of 11 April 2018 on the reauthorisation of Section 702 of the US Foreign Intelligence Surveillance Act (FISA);
2018/04/25
Committee: LIBE
Amendment 9 #

Recital E
E. whereas in its Opinion 01/2016 the Article 29 Working Party on the draft EU- U.S. Privacy Shield adequacy implementing Commission Decision welcomed the significant improvements brought about by the Privacy Shield compared with the Safe Harbour decision whilst also raising strong concerns about both the commercial aspects and access by public authorities to data transferred under the Privacy Shield;
2018/04/25
Committee: LIBE
Amendment 17 #

Recital O a (new)
O a. whereas, as part of the omnibus budget legislation signed into law on March 23, 2018, the U.S. Congress enacted the Clarifying Overseas Use of Data ("CLOUD") Act, facilitating law enforcement access to the contents of communications and other related data by allowing U.S. law enforcement authorities to compel production of communications data even if it is stored outside the United States, and by allowing certain foreign countries to enter into executive agreements with the United States in order to permit U.S. service providers to respond to certain foreign orders seeking access to communications data;
2018/04/25
Committee: LIBE
Amendment 18 #

Recital O b (new)
O b. whereas Facebook Inc., Cambridge Analytica and SCL Elections Ltd are companies certified under the Privacy Shield framework and as such benefited from the adequacy decision as a legal ground for the transfer and further processing of personal data from the European Union to the United States;
2018/04/25
Committee: LIBE
Amendment 19 #

Recital O c (new)
O c. whereas, as per Article 45(5) of the GDPR, where available information reveals that a third country no longer ensures an adequate level of protection, the Commission shall repeal, amend or suspend its adequacy decision;
2018/04/25
Committee: LIBE
Amendment 26 #

Paragraph 3
3. Acknowledges the recent designation of two additional Members coupled with the nomination of the Chairman of the PCLOB and calls onurges the Senate to ratify the names so as to start works without delay;
2018/04/25
Committee: LIBE
Amendment 28 #

Paragraph 4
4. RecallsExpresses its concern that the absence of a chair and a quorum has prevented untillimited the PCLOB's ability to act and to fulfill its obligations; highlights that during a sub-quorum period, PCLOB may not initiate noew the PCLOB fromadvice or oversight projects, and hire staff; recalls that the PCLOB has not yet issuinged its long-awaited report on the conduct of surveillance under Executive Order 12333 to provide information on the concrete operation of this Executive Order and on its necessity and proportionality with regard to interferences brought to data protection in this context; notes that this report is highly desirable considering the uncertainty and unforseeability of how Executive Order 12333 is made use of; regrets that the PCLOB has not issued a new report on Section 702 FISA before it was reauthorised in January 2018; considers that the sub-quorum status seriously undermines the compliance and oversight guarantees and assurances made by the US authorities; therefore urges the US authorities to nominate and confirm new Board Members without delay;
2018/04/25
Committee: LIBE
Amendment 31 #

Paragraph 6
6. Stresses that the delay in appointing a permanent OmbudspersonReiterates its position that the Ombudsperson mechanism set up by the U.S. Department of State is not sufficiently independent and is not endowed with sufficient effective powers to carry out its not contributing to mutual trust and that his/her powers vis-à-vis the intelligence community will need to be better clarified as well as the level of effective remedy of his/her decisionstasks and provide effective redress to EU citizens; stresses that the exact powers of the Ombudsperson mechanism need to be clarified, especially with regards to his/her powers vis-à-vis the intelligence community and the level of effective remedy of his/her decisions; regrets that the Ombudsperson can only request action by and information from US governmental bodies, and cannot order the authorities to cease and discontinue unlawful surveillance, or to permanently destruct information; points out that, while there is an acting Ombudsperson, to date the US administration has still not appointed a new permanent Ombudsman, which does not contribute to mutual trust; takes the view that in the absence of an appointed independent, experienced and sufficiently empowered Ombudsperson, the US assurances with regard to the provision of effective redress to EU citizens would be null and void;
2018/04/25
Committee: LIBE
Amendment 34 #

Paragraph 7
7. Deplores that three of the five seats of the FTC remain vacant; calls on the U.S. government to appoint the remaining Commissioners as soon as possible as the FTC is the competent enforcing agency of the Privacy Shield principles by the US organisations;
2018/04/25
Committee: LIBE
Amendment 36 #

Paragraph 9
9. Considers that in order to ensure transparency and avoid false certification claims, the DoC should not tolerate US companies making public representations about their Privacy Shield certification before it has finalised the certification process and has included them on the Privacy Shield list; Cis concerned by the fact that the DoC has not made use of the possibility provided in the Privacy Shield to request copies of the contractual terms used by certified companies in their contracts with third parties to ensure compliance; considers therefore that there is no effective control whether certified companies actually comply with the Privacy Shield provisions; calls on the DoC to undertake proactively and on regular basis ex officio compliance reviews to monitor the effective compliance of companies with the Privacy Shield rules and requirements;
2018/04/25
Committee: LIBE
Amendment 38 #

Paragraph 9 a (new)
9 a. Considers that the various recourse procedures for EU citizens may prove to be too complex, difficult to use, and therefore less effective; notes that, as underlined by the companies providing independent recourse mechanisms (IRMs), most of the complaints are brought directly to the companies by individuals seeking general information on the Privacy Shield and the processing of their data; recommends therefore the US authorities to offer more concrete information on the Privacy Shield website in an accessible and easily understandable form to the individuals regarding their rights and available recourses and remedies;
2018/04/25
Committee: LIBE
Amendment 42 #

Paragraph 10
10. In view of the recent revelations of misuse of personal data by companies certified under the Privacy Shield such as Facebook and Cambridge Analytica, calls on the US authorities competent to enforce the Privacy Shield to act upon such revelations without delay in full respect with the assurances and commitments given to uphold the current Privacy Shield arrangement and if needed, to remove such companies from the Privacy Shield list; calls also on the competent EU data protection authorities to investigate such revelations and, if appropriate, suspend or prohibit data transfers under the Privacy Shield; considers that the revelations clearly show that the Privacy Shield mechanism does not provide an adequate protection of the right to data protection;
2018/04/25
Committee: LIBE
Amendment 50 #

Paragraph 11
11. Recalls its concerns about the lack of guarantees in the Privacy Shield for automated-decision making/profiling, which produce legal effect or significantly affect the individual; acknowledges the intention of the Commission to order a study to collect factual evidence and further assess the relevance of automated decision-making for data transfers under the Privacy Shield; calls on the Commission to provide for specific rules concerning automated decision-making to provide sufficient safeguards if the study recommends this; takes note in this regard of the indication from the joint review that the findings gathered seem to indicate that none of the data transferred under the Privacy Shield are processed through automated decision making systems;
2018/04/25
Committee: LIBE
Amendment 52 #

Paragraph 12
12. Stresses that further improvements should be made with regards to the interpretation and handling of HR data due to the different reading of the notion “HR data” by the US government on one hand and the European Commission and the WP29 on the other hand; takes note ofagrees fully with the WP29 call to the European Commission to engage in negotiations with the US authorities in order to amend the Privacy Shield mechanism on this issue;
2018/04/25
Committee: LIBE
Amendment 55 #

Paragraph 13
13. RecommendUrges, in the light of the joint review, that the DoC to provides more precise guidance as regards essential principles of the Privacy Shield such as the Choice Principle, the Notice Principle, onward transfers, controller-processor’s relation and access;
2018/04/25
Committee: LIBE
Amendment 57 #

Paragraph 13 a (new)
13 a. Considers that the term 'national security' in the Privacy Shield mechanism is not specifically circumscribed in order to ensure that data protection breaches can be effectively reviewed in courts to ensure compliance with a strict test of what is necessary and proportionate; calls therefore for a clear definition of 'national security'.
2018/04/25
Committee: LIBE
Amendment 60 #

Paragraph 15
15. Regrets that the U.S. did not seize the opportunity of the recent reauthorization of FISA Section 702 to include the safeguards provided in PPD-28; calls for evidence and legally binding commitments ensuring that data collection under FISA Section 702 is not indiscriminate and access is not conducted on a generalised basis (bulk collection) in contrast with the EU Charter on Fundamental Rights; shares the view of Article 29 Data Protection Working Party that an updated report from PCLOB on the definition of “targets”, on the “tasking of selectors” and on the concrete process of applying selectors in the context of the UPSTREAM programme would be valuable to clarify and assess whether massive access to personal data occurs in that context; deplores that EU individuals are excluded from the additional protection provided by the reauthorization of FISA Section 702, by which the FBI can only access communciations content under Section 702 with a court order, following a specific application made by the FBI; calls on the Commission to take the forthcoming analysis of WP29 on FISA Section 702 seriously and to act accordingly;
2018/04/25
Committee: LIBE
Amendment 61 #

Paragraph 15
15. Regrets that the U.S. did not seize the opportunity of the recent reauthorization of FISA Section 702 to include the safeguards provided in PPD- 28; deplores that the Commission in the First Annual Review only offered 'hope' that the protections offered by PPD-28 would be enshrined in FISA instead of demanding effective legal remedies against unlawful surveillance; calls for evidence ensuring that data collection under FISA Section 702 is not indiscriminate and access is not conducted on a generalised basis (bulk collection) in contrast with the EU Charter on Fundamental Rights;
2018/04/25
Committee: LIBE
Amendment 66 #

Paragraph 16 a (new)
16 a. Reiterates its concerns about Executive Order 12333, which allows the NSA to share vast amounts of private data gathered without warrants, court orders or congressional authorisation with 16 other agencies, including the FBI, the Drug Enforcement Agency and the Department of Homeland Security; regrets the lack of any judicial review of surveillance activities conducted on the basis of Executive Order 12333;
2018/04/25
Committee: LIBE
Amendment 67 #

Paragraph 17 a (new)
17 a. Expresses its concern about the consequences of Executive Order 13768 on 'Enhancing Public Safety in the Interior of the United States' for judicial and administrative remedies available to individuals in the US, because the protections of the Privacy Act no longer apply to non-US citizens; takes note of the Commission's position that the adequacy assessment does not rely on the protections of the Privacy Act and that therefore this Executive Order does not affect the Privacy Shield; considers that Executive Order 13768 however indicates the intention of the US executive to reverse the data protection guarantees previously granted to EU citizens and to override the commitments made towards the EU during the Obama Presidency;
2018/04/25
Committee: LIBE
Amendment 75 #

Paragraph 20
20. ConsiderDeplores that the US authorities have failed to proactively fulfil their commitment to provide the Commission with timely and comprehensive information about any developments that could be of relevance for the Privacy shield, including the failure to notify the Commission of changes in the U.S. legal framework;
2018/04/25
Committee: LIBE
Amendment 79 #

Paragraph 23
23. Calls uponDeplores that the Commission and the U.S. competent authorities did noto restart discussions on the Privacy Shield arrangement and did noto set up any action plan in order to address as soon as possible the deficiencies identified by the Commission report on the joint review and in the WP29 report on the joint reviewas called for by the WP29 in its December report on the joint review; calls on the Commission and the US competent authorities to do so without any further delay;
2018/04/25
Committee: LIBE
Amendment 82 #

Paragraph 23 a (new)
23 a. Recalls that privacy and data protection are legally enforceable fundamental rights, enshrined in the Treaties, the Charter of Fundamental Rights and the European Convention of Human Rights, as well as in laws and case law; emphasizes that they must be applied in a manner that does not unnecessarily hamper trade or international relations, but cannot be "balanced" against commercial or political interests;
2018/04/25
Committee: LIBE
Amendment 83 #

Paragraph 24
24. Is concerned as to whetherTakes the view that the current Privacy Shield arrangement does not provides the adequate level of protection required by Union data protection law and the EU Charter as interpreted by the European Court of Justice.;
2018/04/25
Committee: LIBE
Amendment 87 #

Paragraph 24 a (new)
24 a. Considers that the Commission has failed to act in accordance with Article 45(5) GDPR; calls therefore on the Commission to suspend the Privacy Shield until the US authorities comply with its terms;
2018/04/25
Committee: LIBE