Law experts condemn draft EU/US data-sharing agreement

Say it would give US too much freedom to sift through financial data

The EU could pass citizens' data to US authorities without adequate justification

Financial institutions in Europe will be required to report details of global financial transactions to the US under a redrafted agreement between the European Union and the US Treasury.

According to a blog post by information law training firm Amberhawk, the revised draft agreement will be considered for approval by the European Parliament in July. However, the text contains significant privacy defects and obvious areas of drafting in need of urgent attention, claimed the firm.

The draft consistently refers to “terrorism or terrorist financing” yet fails to define exactly what is meant by the word “terrorist”.

The agreement does define a range of activities, but the definition is still open to interpretation. It states that information should be transferred to the US about “acts of a person that... are... dangerous to human life or create a risk of damage to property... and are reasonably believed to be committed with the aim of... coercing a government to act or abstain from acting”.

The blog post concluded that the EU and the US want wide-ranging powers to “follow the terrorist money trail”, and that most people support that objective. Yet the loose definition of “terrorism” and the wide-ranging data-sharing powers, plus a “deliberate” exclusion of Europe’s Data Protection Commissioners, has caused Amberhawk to argue that this agreement should not progress in its current form.

“If the agreement goes through, the UK has to choose whether to become a member. Most international agreements become law by the Royal Prerogative so there is a significant risk that there will be little parliamentary scrutiny prior to implementation if the decision is taken to join the agreement.”