BETA

19 Amendments of Jeroen LENAERS related to 2016/3018(RSP)

Amendment 3 #

Recital D
D. whereas in its Opinion 4/2016 the EDPS raised several concerns on the draft Privacy Shield; while the EDPS welcomes in the same opinion the efforts made by all parties to find a solution for transfers of personal data from the EU to the US for commercial purposes under a system of self-certification;
2017/01/30
Committee: LIBE
Amendment 4 #

Recital E
E. whereas in its Opinion 01/2016 the Article 29 Working Party on the draft EU- U.S. Privacy Shield adequacy implementing Commission Decision welcomed the significant improvements brought about by the Privacy Shield compared with the Safe Harbour decision whilst also raising strong concerns aboutand in particular, the insertion of key definitions, the mechanisms set up to ensure the oversight of the Privacy Shield list and the now mandatory external and internal reviews of compliance, and whereas the Working Party has also asked clarifications on both the commercial aspects and the access by public authorities to data transferred under the Privacy Shield;
2017/01/30
Committee: LIBE
Amendment 6 #

Paragraph 2
2. Acknowledges that the EU-U.S. Privacy Shield contains significant improvements compared to the former EU-U.S. Safe Harbour and that U.S. organisations self- certifying adherence to the EU-U.S. Privacy Shield will have to comply with higher data protection standards than under Safe Harbourdiffers substantially from the Safe Harbour Framework, providing for a significantly more detailed documentation that imposes more specific obligations on companies willing to join the framework and that includes new checks and balances ensuring that the rights of EU data subjects can be exercised when their data are being processed in the US;
2017/01/30
Committee: LIBE
Amendment 11 #

Paragraph 3
3. Takes note that on 6 December 2016, 1170494 U.S. organisations have joined the EU-U.S. Privacy Shield;
2017/01/30
Committee: LIBE
Amendment 13 #

Paragraph 4
4. Acknowledges that the EU-U.S. Privacy Shield facilitates data transfers from SMEs and businesses in the Union to the U.S.; welcomes that companies are not left anymore in a legal limbo and that the EU-US Privacy Decision is providing a legal base for the data transfer; also recalls that legal certainty, and in particular clear and uniform rules are a key element for business development and growth, in particular for SMEs companies; insist in this regard that SMEs accounted for 60% of the companies relying on the Safe Harbour Framework and that SMEs stand to gain the most from the new Privacy Shield and calls on the Commission in close cooperation with the DPAs to provide for greater clarity, precision and accessibility in the implementing and functioning of the Privacy Shield for those companies;
2017/01/30
Committee: LIBE
Amendment 15 #

Paragraph 5
5. Notes that, in line with the ruling of the Court in the Schrems case, the powers of the European data protection authorities remain unaffected by the adequacy decision and hence they can exercise their powers, including the suspension or the ban of data transfers to an organisation registered in the EU-U.S. Privacy Shield; welcomes in this regard the prominent role given by the Privacy Shield Framework to Member State DPAs to examine and investigate claims related to the protection of the rights to privacy and family life under the EU Charter of Fundamental Rights, to suspend transfers of data, as well as the obligation placed upon the US Department of Commerce to resolve such complaints;
2017/01/30
Committee: LIBE
Amendment 16 #

Paragraph 5 a (new)
5a. Notes with satisfaction that under the Privacy Shield Framework, EU data subjects dispose of several ways to pursue legal remedies in the US as first, complaints can be lodged either directly to the company or through the Department of Commerce following a referral by a Data Protection Authority (DPA) or to an independent dispute resolution body; secondly, with regard to interferences with fundamental rights for the purpose of national security, a civil claim can be brought before the US court. Similar complaints can also be addressed by the newly-created independent Ombudsperson; finally, complaints about interferences with fundamental rights for the purposes of law enforcement further and the public interest can be dealt with by motions challenging subpoenas; encourages further guidance from the European Commission and DPAs to make those legal remedies all more easily accessible and available;
2017/01/30
Committee: LIBE
Amendment 22 #

Paragraph 7
7. Considers that, despite the clarificationommitments and assurances made by the U.S. administrationgovernment by means of the letters attached to the Privacy Shield arrangement, important concerquestions remain as regards certain commercial aspects, national security and law enforcement;
2017/01/30
Committee: LIBE
Amendment 26 #

Paragraph 8
8. Notes, amongst, others the that, although U.S. lackw offers specific rules protections automated decision- making, on a general right to object, and the lack of clegainst adverse decisions in areas where companies most likely resort to automated processing (e.g. employment, credit lending), no specific rules on automated decision-making are principles on howovided for in the Privacy Shield Principles apply to processors (agents)and therefore calls on the Commission to monitor the situation, including through the annual reviews;
2017/01/30
Committee: LIBE
Amendment 27 #

Paragraph 8 a (new)
8a. Notes that, while individuals have the possibility to object vis-à-vis the EU controller to any transfer of their personal data to the U.S., and to the further processing of those data in the U.S. where the Privacy Shield company acts as a processor on behalf of the EU controller, the Privacy Shield lacks specific rules on a general right to object vis-à-vis the U.S. self-certified company;
2017/01/30
Committee: LIBE
Amendment 30 #

Paragraph 8 b (new)
8b. Notes the lack of explicit principles on how the Privacy Shield Principles apply to processors (agents), while recognizing that all Principles apply to the processing of personal data by any U.S. self-certified company “[u]nless otherwise stated” and that the transfer for processing purposes always requires a contract with the EU controller which will determine the purposes and means of processing, including whether the processor is authorised to carry out onward transfers (e.g. for sub- processing);
2017/01/30
Committee: LIBE
Amendment 32 #

Paragraph 9
9. Stresses that, as regards national security and surveillance, notwithstanding the clarifications broughtrepresentations and assurances provided by the Director of National Intelligence Office in the letters attached to the Privacy Shield framework, “bulk surveillance”, despite the different terminology used by the U.S. authorities, remains possible in exceptional cases and within limits in particular as regards the application of filters used to focus the collection on personal data responsive to specific foreign intelligence needs and to limit the collection of non-pertinent information (minimization);
2017/01/30
Committee: LIBE
Amendment 41 #

Paragraph 10
10. Deplores that, neiRecalls its Resolution of 26 May 2016 welcoming the introduction of new redress mechanisms under the Privacy Shield, but also recognizes that questions remain as to whether the Privacy Shield Principles norand the letters of the U.S. administration providinge sufficient clarifications and assurances to demonstrate the existence of effective judicial redress rights for individuals in the EU whose personal data are transferred to an U.S. organisation under the Privacy Shield Principles and further accessed and processed by U.S. public authorities for law enforcement and public interest purposes, as required by article 47 of the Charter;
2017/01/30
Committee: LIBE
Amendment 46 #

Paragraph 11
11. Recalls its Resolution of 26 May 2016 that the Ombudsperson mechanism set up by the U.S. Department of State is not sufficiently independent and is not vested with sufficient effective powers to carry on its duties and provide effective redress to EU individuals, while recognizing that according to the representations and assurances provided by the U.S. government the Ombudsperson is independent from the U.S. intelligence services, free from any improper influence that could affect its function and moreover works together with other, independent oversight bodies with effective powers of supervision over the U.S. Intelligence Community;
2017/01/30
Committee: LIBE
Amendment 51 #

Paragraph 13
13. RegretUnderlines that the Commission followed the adequate procedure for adoption of the Commission implementing decision in a practical manner that de facto has not enabled the Parliament toand stress that the Parliament was informed on time in order exercise its right of scrutiny on the draft implementing act in an effective manner;
2017/01/30
Committee: LIBE
Amendment 61 #

Paragraph 15
15. Calls on the Commission to conduct, during the first join annual review, a thorough and in-depth examination of all the shortcomthe adequacy findings and weaknesses referred to in this resolution, in its Resolution of 26 May 2016 on Transatlantic data flows12 , and those identified by the Article 29 Working Party, the EDPS and the stakeholders, and to demonstrate how they have been addressed so as to ensure compliance with the Charter and Union lawthe legal justifications thereof, both with a view to ensuring that personal data are adequately protected and that is functioning efficiently without unnecessary impairment to the other fundamental rights, such as the right to privacy and security, the right to receive and impart information, and the right to conduct business, and to evaluate meticulously if the mechanisms and safeguards indicated in the assurances and clarifications by the U.S. administration are effective and feasible; _________________ 12 Text adopted, P8_TA-PROV(2016)0233.
2017/01/30
Committee: LIBE
Amendment 65 #

Paragraph 16
16. Calls on the Commission to ensure that for the conducting of the joint annual review, all the members of the team shall have full and unrestrictedaccess to all documents in accordance with the existing rules on access to all documents and premises necessary for the performance of their task and that their independence in the performance of their tasks is ensured;
2017/01/30
Committee: LIBE
Amendment 68 #

Paragraph 17
17. Calls on the Union Data Protection Authorities to monitor the functioning of the EU-U.S. Privacy Shield and to exercise their powers, including the suspension or definitive ban of personal data transfers to an organisation in the EU-U.S. Privacy Shield if they consider that the fundamental rights to privacy and the protection of personal data of the Union’s data subjects are not ensured;
2017/01/30
Committee: LIBE
Amendment 71 #

Paragraph 18
18. Stresses that the European Parliament should have full access to any relevant documents related to the joint annual review, underlines that the access to this documents have to be in accordance with the existing rules on access to documents;
2017/01/30
Committee: LIBE