Go back to the Europarl portal

Choisissez la langue de votre document :

  • bg - български
  • es - español
  • cs - čeština
  • da - dansk
  • de - Deutsch
  • et - eesti keel
  • el - ελληνικά
  • en - English (Selected)
  • fr - français
  • ga - Gaeilge
  • hr - hrvatski
  • it - italiano
  • lv - latviešu valoda
  • lt - lietuvių kalba
  • hu - magyar
  • mt - Malti
  • nl - Nederlands
  • pl - polski
  • pt - português
  • ro - română
  • sk - slovenčina
  • sl - slovenščina
  • fi - suomi
  • sv - svenska
Parliamentary questions
21 February 2013
Answer given by Ms Kroes on behalf of the Commission

The Commission is particularly mindful of third countries' legislation, whose possible extraterritorial application could jeopardise the individuals' fundamental right to protection of their personal data in the EU. As a matter of international public law, no foreign legal act as such can overrule relevant EU legislation or Member States laws, including the data protection acquis. Any processing of personal data in the EU has therefore to respect applicable EU data protection law. It is primarily for national authorities, in particular the independent data protection authorities, to monitor compliance with data protection rules and monitor and investigate any violations thereof. This subject is also being regularly raised by the Commission with the US authorities in the context of ongoing dialogue on different matters, including in the framework of the negotiation of a comprehensive EU-US agreement on the exchange of personal data between judicial and police authorities that should provide a high level of privacy protection for all individuals, while facilitating the exchange of data needed to fight crime.

The Commission also proposed a new Data Protection Package(1), which addresses this question in Recital (90). Moreover, the Cloud Computing Communication(2) addressed some aspects of international data transfers in the context of cloud computing services. It aims to review standard contractual clauses applicable to the transfer of personal data to third countries, adapt these to cloud services and call upon national data protection authorities to approve Binding Corporate Rules for cloud service providers.

(1)COM/2012/09 final; COM/2012/010 final and COM(2012) 11 final.
(2)The communication ‘Unleashing the Potential of Cloud Computing in Europe’, COM(2012) 529 final.

OJ C 346 E, 27/11/2013
Last updated: 21 February 2013Legal notice