12
personal data was protected among European countries was different
from the system that was in place in the U.S. The protection of personal
data had a central place in Europol’s mode of operation as reflected in the
organisation’s convention.
38
In this respect, the EU had a detailed data
protection regime (the comprehensive legislative framework model) based
on a number of international agreements, rules and regulations, and on
data protection supervisory authorities. Furthermore, the Europeans were
sceptical about giving much flexibility to law enforcement agencies
regarding the storage and process of personal records concerned about
the risk of potential abuse.
39
The U.S. system, on the other hand, was based on sector-specific laws,
the self-regulation of private sector and technologies that enhanced
personal privacy.
40
Contrary to the Europeans, the U.S. authorities see
the law enforcement agencies as a strong partner of the U.S. justice
system and in case of data protection abuses from the law enforcement
institutions the U.S. system relies on the judiciary for the correction of
misconducts .
41
Despite these major differences between the two parties, in the
negotiations that ensued, Europeans made a number of concessions to
the Americans on the data protection issues of data retention, purpose
limitation, data accuracy, and data protection adequacy. According to
Europol’s rules, before the start of negotiations, the data protection
system of the U.S. should have been assessed according to European
standards.
42
In practice, this never happened.
43
Regarding the purpose
limitation principle, the data that was requested and subsequently
transferred should only be used for the purpose for which the request was
submitted. In the Europol-U.S. agreement however the allowed use of the
shared data was broadened.
44
Concerning data retention, Europol
Convention stated that the organisation could not store data for more
than three years and Europol’s Supervisory Body highlighted that this
13
time limit should be applicable to the data transferred to the U.S. too. The
final text of the Europol-U.S. agreement did not include however any
time-limitation to the storage of data, in accordance with the U.S.
preferences on this topic.
45
Finally, there was no mentioning in the
agreement about the deletion of incorrect data and about the number and
status of the U.S. law enforcement agencies that would have access to
the Europol information.
46
The above concessions of the EU and Europol mean that the EU was not
in a position of hierarchical superiority which could allow Europeans to
impose their data protection rules. In this sense, there was a situation of
asymmetrical interdependence against the EU which led Europeans to
compromise.
The first reason for this compromise was that in the wake of the 9/11
attacks where the U.S. had a superior and global role in the fight against
terrorism Europe was left with no other choice than to cooperate with the
U.S.
47
In the context of the post-9/11 U.S. superiority, the EU authorities
found a window of opportunity which allowed them to institutionalise their
counterterrorism policies and Europol was central in this effort.
48
The
security officials of the EU used the U.S. demands for enhanced
transatlantic cooperation as an excuse for increasing the role and status
of the Europol within the EU’s security machinery.
49
This agreement was
an opportunity for Europol to improve its intelligence network both
internally and externally, given that many member states were reluctant
to share critical information with Europol due to mistrust;
50
the Europol-
U.S. agreement, however, paved the way for Europol to become a central
body in EU’s intelligence, counterterrorism and law enforcement
apparatus.
A second reason for Europol’s flexible stance was the fact that Europol
saw an opportunity for benefiting from U.S. intelligence which could
14
prevent future attacks at European soil.
51
When the Al Qaeda declared its
intention to target Western countries, along with the U.S. the EU
countries were also included in the terrorist organisation’s list.
52
In this
sense, there was a common threat, that of Al Qaeda, that united the U.S.
and the EU, and Europeans were as concerned about this threat as the
Americans.
The third reason behind Europol’s stance was that Europol officials wanted
to enhance the status and the prestige of the European organisation
through an agreement with the U.S. which emerged after the 9/11
attacks as a dominant counterterrorism actor.
53
Such an agreement
would confirm globally the status of Europol as an important pan-
European law enforcement institution. This was even more important if
the frequent criticisms about the progress of Europol and EU’s third pillar
are taken into account. In this sense, the dependency of Europol on the
recognition by the U.S. led the EU to be less persistent on data protection
issues in the negotiations with the Americans.
The fourth factor that played a role in Europol’s stance was the fact that
when the Europol-U.S. agreement was concluded Europol was not
accountable to the European Parliament
54
and the European Court of
Justice had a limited role on reviewing the actions of Europol.
55
In other
words, there was a suitable political environment for Europol to sign a
data exchange agreement with the U.S. without consulting the European
Parliament which has been critical of the EU-U.S. counterterrorism
cooperation and without the risk of ECJ’s judicial review.
In view of the four factors mentioned above, Europol faced a situation of
interdependence with the U.S. in the field of counterterrorism and
therefore the EU made a number of compromises on the issue of data
protection for its own interest. This retrenchment from EU’s normative
values could create a negative precedent on the effort of the EU and
Dostları ilə paylaş: |