The US-EU “Safe Harbor” programme was established in 1998 as a way for US companies to avoid breaking privacy law in the European Union, where it is stricter than in the US.
Companies operating in the EU are not permitted to share customer data with countries outside the European Economic Area unless it can guarantee the “adequate” protection of that information. In the EU, what constitutes “adequate” protection is written into law.
Under Safe Harbor however, US companies can voluntarily subscribe to uphold the EU criteria for “adequacy.”
But in the wake of the allegations about widespread government spying by NSA whistleblower Edward Snowden, German data protection officers are not convinced that EU customer data has been sufficiently protected, financial newspaper the Handelsblatt reported.
In a letter addressed to Chancellor Angela Merkel, data protection officers employed at both federal and state level called on the European Commission to suspend the data-sharing programme until the United States responds to the allegations levelled by NSA whistleblower Edward Snowden.
One data protection expert quoted by the Handelsblatt said it was “highly likely” that the NSA has been tapping into German data. “We expect the Americans to abide by German law,” he said, adding that data protection officers were “very concerned” that laws were not being observed.
As pressure grows on Merkel to do more to demand answers from the US, a parliamentary committee tasked with investigating the spying allegations is preparing to meet on Thursday.
Federal Minister for Special Affairs, Ronald Pofalla, will be grilled on what he knew about the nature of the co-operation between German intelligence services and the NSA.
In a separate development, Edward Snowden is to be given a pass allowing him to leave Moscow’s Sheremetyevo airport where he has been holed up for a month as he awaits the results of several asylum applications.