---------- Forwarded message ---------- Date: Tue, 30 Oct 2001 12:16:19 -0500 From: Aaron Lukas <aaronlat_private> To: declanat_private Subject: New Privacy Paper Declan: Although it (sadly) has nothing whatsoever to do with terrorism, my paper on U.S.-EU privacy disputes was published today by Cato. Interested Politech readers can find it online at: http://www.freetrade.org/pubs/pas/tpa-016es.html The press release follows. Regards, Aaron Lukas Cato Institute ------------------ October 30, 2001 Safe Harbor Agreement Faces Uncertain Future Few participants, limited enforcement, Cato study finds The EU-U.S. Safe Harbor agreement seeks to bridge differences between the Europe Union's top-down approach to regulating personal data and the more decentralized system that prevails in the United States. Specifically, the agreement is intended to head off a potentially costly ban by the EU on the transfer of personal information--such as people's names, addresses, birthdays, and buying habits--to the United States, which, according to the EU, lacks "adequate" data protection. In a new trade policy analysis, "Safe Harbor or Stormy Waters? Living with the EU Data Protection Directive," Aaron Lukas, an analyst at the Cato Institute's Center for Trade Policy Studies, concludes that, "Although Safe Harbor is still in its infancy, its survival is already in doubt." Only a handful of U.S. businesses have joined Safe Harbor--a list of companies maintained by the U.S. Department of Commerce that are assumed to provide adequate data protection, as defined by the EU Data Protection Directive. Lukas cites numerous reasons why this is true: * Many of the businesses are simply unaware of the agreement * European officials have made only limited efforts to enforce EU privacy law * The Safe Harbor principles are more restrictive and expensive than accepted U.S. privacy practices * Some firms believe that it may be easier for them to enter into privacy contracts with their European partners than to join Safe Harbor Compounding its problems, Safe Harbor faces internal European disputes over the legitimacy of the agreement, as well as concern on the U.S. side that national sovereignty has been compromised by the agreement. In addition, Safe Harbor does not cover U.S. financial institutions. Given the weakness of Safe Harbor, Lukas recommends that U.S. policymakers consider what they will do if the agreement collapses. While recognizing that Europe has the right to set its own privacy policies, he says, U.S. officials should be vigilant in holding Europe to its existing free trade commitments. Moreover, Congress should not give in to pressure--either international or domestic--to change U.S. privacy laws. "American policymakers should recognize the many advantages that flow from a market-based privacy regime and not be bullied into adopting EU-style privacy regulations, " Lukas concludes. "Safe Harbor should not be abandoned today, but neither should it be counted on as a secure port in future privacy storms." Trade Policy Analysis no. 16 (http://www.freetrade.org/pubs/pas/tpa-016es.html) Contact: Elizabeth L. Dixon, Communications Assistant, Center for Trade Policy Studies, 202-789-5264 ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Oct 30 2001 - 09:55:19 PST