European Commission Slaps U.S. Privacy Standards

The European Commission has made it clear it finds U.S. privacy standards inadequate and wants a revision of the mechanism by which companies can declare they have satisfied European requirements. In documents released last month, the Commission alludes to, among other things, the National Security Agency’s PRISM program, maintaining that it may flout the U.S.-E.U Safe Harbor Framework, and failure of some U.S. companies to make clear why they collect data or whether individuals can opt out of having their data disclosed to third parties. European Union justice and rights commissioner Viviane Reding characterized the commission’s concerns as “a real to-do list” for the United States, and said the U.S. should act on them by mid-2014. EU regulations apply to companies processing Europeans’ data, and require companies to either comply with a 1995 Data Protection Directive or join the U.S.-E.U Safe Harbor Framework.