Der Präsident. − Als nächster Punkt folgt die Aussprache über

– die mündliche Anfrage an die Kommission über Extraterritoriale Auswirkungen von Rechtsvorschriften aus Drittstaaten und EU-Datenschutzvorschriften von Sophia in 't Veld, Sylvie Goulard, Sonia Alfano, Alexander Alvaro, Sarah Ludford, Theodoros Skylakakis, Ramon Tremosa i Balcells, Philippe De Backer, Jens Rohde, Stanimir Ilchev, Giommaria Uggias im Namen der Fraktion der Allianz der Liberalen und Demokraten für Europa (O-000315/2011 - B7-0025/2012),

– die mündliche Anfrage an die Kommission über Extraterritoriale Auswirkungen von Rechtsvorschriften aus Drittstaaten und EU-Datenschutzvorschriften von Cornelia Ernst, Miguel Portas, Marisa Matias im Namen der Konföderalen Fraktion der Vereinigten Europäischen Linken/Nordische Grüne Linke (O-000318/2011 - B7-0026/2012),

– die mündliche Anfrage an die Kommission über Extraterritoriale Auswirkungen von Rechtsvorschriften aus Drittstaaten und EU-Datenschutzvorschriften von Jan Philipp Albrecht, Rui Tavares, Raül Romeva i Rueda, Judith Sargentini im Namen der Fraktion der Grünen / Freie Europäische Allianz (O-000326/2011 - B7-0028/2012) und

– die mündliche Anfrage an die Kommission über Extraterritoriale Auswirkungen von Rechtsvorschriften aus Drittstaaten und EU-Datenschutzvorschriften von Simon Busuttil, Manfred Weber, Jean-Paul Gauzès im Namen der Fraktion der Europäischen Volkspartei (Christdemokraten) (O-000022/2012 - B7-0035/2012).

  Sophia in 't Veld, author. − Mr President, the issue at stake here today is whether we can be certain that our own European laws always apply within Europe, or whether they could be overruled by third country laws.

The US, for example, considers that its jurisdiction does not only extend to activities and actors within the US, but also the activities of such actors elsewhere in the world. With that interpretation, US law has extra-territorial effect within Europe. The US, for example, can subpoena companies with a presence in the US to provide data stored in Europe. We have identified, in our oral questions, a number of laws that might have this effect – for example the Patriot Act, the Medicare Act on medical data and insurance data, the Foreign Intelligence and Surveillance Act, and the Foreign Account Tax Compliance Act (FATCA).

However, data stored in Europe is covered by EU law and companies there have to comply with EU law. The Commission acknowledges this, but what action has actually been taken to protect companies that find themselves caught between conflicting jurisdictions? This problem does not only concern the extra-territorial effect from US law, but potentially from any other country.

There are also other countries where European companies have a presence. For example, more and more companies have operations in China, and they too can be confronted with this problem. As a matter of fact, we are getting more confirmation nowadays that such companies are being confronted with this problem. This does not only concern EU data protection laws, as the title of today’s debate suggests, but all kinds of laws. FATCA, notably, raise strong concerns for European banks and insurers.

Commissioner, we hope to discuss this matter soon in the Committee on Economic and Monetary Affairs with your colleague, Commissioner Barnier. I would urge you to act now. We do not need new legislation, but it is key that we enforce existing European legislation in the interests of our citizens and our companies.

  Marisa Matias, Autora. − Bem-vinda, Senhora Comissária, para discutir este tema de tanta importância. De facto estamos a falar de questões centrais relativas à proteção de dados e sobretudo num contexto em que pode haver conflito entre duas jurisdições diferentes. A proteção de dados é, de facto, um dos domínios sensíveis e que tanta polémica tem gerado e, no meu entender, deve continuar a gerar, porque nós estamos a falar naquilo que pode ser o choque entre os direitos e as garantias, a salvaguarda dos cidadãos europeus que estão protegidos pela legislação europeia e depois se veem ultrapassados quando legislação de outros países se sobrepõe à legislação europeia.

É sensível por várias razões. É sensível porque há uma quebra e há uma dúvida naquilo que é um contrato que, para todos os efeitos, existe entre os cidadãos europeus e as instituições europeias. Estes quando cedem os seus dados pessoais, cedem-no no entender de que estes vão ser protegidos pelas entidades e pelas instituições europeias e que não vão ser distribuídos para outros fins. E, portanto, há aqui uma quebra de confiança, e este é um dado que é complicado de gerir e, por outro lado, também é uma situação grave e periclitante porque a União Europeia acaba por transferir os dados pessoais para países terceiros, quebrando assim esse elo de confiança que é gerado entre os cidadãos europeus e as instituições europeias e, portanto, se os cidadãos aceitam que as instituições europeias possam ser guardiãs dos seus dados pessoais em tantos domínios diferentes, desde as questões de saúde a outras questões como foram referidas de empresas que requerem os dados e estou a falar especificamente, por exemplo, no caso dos Estados Unidos, que sistematicamente requerem dados à União Europeia, o que nós estamos a fazer quando os cidadãos partem do pressuposto que estão a ceder e como disse, para que a União Europeia seja guardiã dos seus dados, o que se faz é uma quebra de confiança.

Portanto, eu quero dizer-lhe também, Senhora Comissária, que tem sido problemático, muitas vezes estas questões, por razões diferentes, mas eu estarei sempre do lado das manifestações dos cidadãos e das cidadãs que queiram salvaguardar a proteção dos seus dados pessoais e se houver manifestações que entendam fazer-se porque as instituições europeias não cumprem, eu acho que devemos estar do lado dos cidadãos e não do lado contrário. É quase uma espécie de traição que se realiza e, por isso, é que esta pergunta que lhe fazemos, estas questões que lhe colocamos, Senhora Comissária, é para que nos possa esclarecer, de uma vez por todas, porque nenhuma comunidade se constrói tendo como base ou como fundação a destruição ou diminuição dos laços de confiança que existem entre os seus cidadãos e as suas instituições e, neste sentido, Senhora Comissária, responda-nos, por favor, em que medida é que nós podemos garantir que a legislação europeia se sobrepõe à legislação de países terceiros. Porque se é certo que a legislação europeia se sobrepõe à legislação dos 27 países dos Estados-Membros da União Europeia, e nisso os cidadãos abdicam desse espaço de soberania em muitos momentos, por que razão é que poderemos aceitar que outros países, como por exemplo, os Estados Unidos, depois se sobreponham à legislação europeia que se sobrepõe à legislação nacional? É preciso que isto seja clarificado porque é de facto muito sensível, é grave e é uma questão que devemos ter em consideração.

E, por último, Senhora Comissária, gostaria de pedir-lhe, por favor, que nos diga o que é que a Comissão está a fazer para que isto não aconteça, para que não seja recorrente e para que os dados pessoais de todos os cidadãos e empresas e de vários setores que estão referenciados nestas questões, sejam, de facto, dados em que as pessoas possam confiar, que ficam ao abrigo daquilo que nós protegemos e com isto quero dizer que eu nem sequer partilho de que toda a informação que é armazenada deva ser armazenada, mas esse é outro debate. Em relação a este, como é uma questão grave e como é uma questão periclitante em matéria daquilo que são os direitos dos cidadãos, gostaria que nos desse esses esclarecimentos para que fiquemos todos mais descansados.

  Jan Philipp Albrecht, Verfasser. − Herr Präsident, sehr geehrte Kommissarin! Wir reden heute über die Frage des Zugriffs von Drittstaaten auf die Daten der europäischen Bürgerinnen und Bürger, also auch die Anwendung des Rechts von Drittstaaten auf europäische Bürgerinnen und Bürger, die hier in Europa sind. Das ist natürlich eine Frage, die nicht nur den Datenschutz betrifft, sondern in einer mehr und mehr vernetzten und globalisierten Welt sicherlich auch grundsätzliche Fragen zur Anwendung des Rechts sowie Fragen, welches Recht denn nun eigentlich gilt. Ich denke, darauf brauchen wir Antworten.

Wir haben immer wieder die Situation, dass gerade zum Beispiel in der sogenannten Cloud, wo immer mehr personenbezogene Daten gespeichert und Dienste in Anspruch genommen werden, unklar ist, welches Recht jetzt eigentlich anwendbar ist und welche Sicherheiten wir als Europäische Union unseren Bürgerinnen und Bürgern bieten, damit sie auf die Anwendung des europäischen Datenschutzrechtes auch in solcher Umgebung oder auch bei international agierenden Konzernen vertrauen können. Ich habe ja mit Freude zur Kenntnis genommen, dass wir jetzt eine Datenschutzreform auf europäischer Ebene in Angriff nehmen. Wir haben einen guten Vorschlag der Europäischen Kommission auf dem Tisch liegen, aber wir haben in diesem Vorschlag nicht etwa, wie bei vorherigen Entwürfen, einen Artikel, der klarstellt, dass bei Anfragen von Drittstaaten die Anwendung nur dann zugelassen ist, wenn sie im Rahmen der gegenseitigen Unterstützung in der polizeilichen und justiziellen Zusammenarbeit auch erlaubt ist. In diesem Zusammenhang würde mich interessieren, was mit dieser Bestimmung passiert ist und ob es Gründe dafür gibt, warum diese dort nicht mehr enthalten ist.

Ich denke, dass es wichtig ist, dass wir solche Bestimmungen auch in unserem Datenschutzrecht vereinbaren, insbesondere solange es keine gemeinsamen Standards mit diesen Drittstaaten gibt. Das sage ich besonders als Berichterstatter für das gemeinsame Datenschutzabkommen mit den USA.

  Simon Busuttil, author. − Mr President, the PPE Group takes the issue of the privacy of EU citizens and their data protection rights very seriously. It is in this spirit that we have been working very hard in the past few years to make sure that we put in place top-notch data protection laws that guarantee citizens’ rights to the full.

When the processing of data is carried out in Europe, we want citizens’ minds to be at rest that they enjoy high data protection standards. The processing of data by third countries presents a different problem. The concern here is that our standards might not be applied in cases which involve third countries. These are legitimate concerns.

Of course, it would be ironic if it were easier for third countries to process European citizens’ data in their territory than for European entities to do so in Europe. That is not acceptable for our citizens and, of course, cannot be acceptable to our Chamber, which is why we have to work together to find workable solutions.

Our solutions should start from the basic premise that a law enacted by a third country cannot be directly and automatically applied in the territory of the European Union unless EU law or Member State national law has explicitly allowed it to be so. We cannot lose control of this prerogative, and no law of a third country should be able to short-circuit EU law or national law, including EU data protection law.

We must make sure that this principle can be applied in law and in practice. I think that the new data protection package recently presented by the Commission gives us the opportunity to do so, as would the framework agreement with the United States that is being negotiated.

I look forward eagerly to Mrs Reding’s replies to our questions.

  Viviane Reding, Vice-President of the Commission. − Mr President, I agree entirely with the Members who have said that the high standards which we give to our citizens – rightly so – must also be transferred when there is an exchange of data with third countries. We in the Commission take this question very seriously, because the Commission believes and supports the principle that, in international public law, a legal act which is enacted by a third country cannot be directly and automatically applied in the territory of the EU unless – exceptionally – Union law or Member State law explicitly recognises the facts of such an act in their respective jurisdiction.

No legal acts of a third country as such can legally overrule the relevant EU legislation or Member State legislation, and this includes data protection rules. Any processing of personal data in the EU has to respect the applicable EU data protection law. If – and this was Mrs in ‘t Veld’s basic question – a US law enforcement authority requires information from companies operating in the European Union, whatever the nationality of those companies, they have to use existing channels of cooperation and mutual legal assistance agreements. This issue also applies when personal data are transferred by an EU company to a company in the US and when the data are subsequently processed for law enforcement purposes.

This sounds good – except that this issue is not explicitly addressed in the current EU legal framework. That is exactly the reason why (as the rapporteur knows perfectly well) we have the Data Protection Regulation, which the Commission put on the table on 25 January to try to provide additional legal clarity in these matters. The regulation makes it clear that transmissions can only take place when the conditions of the regulation for such transfers are met, notably when there is a justification on an important ground of public interest – and the public interest has to be recognised in Union law or in Member State law. This could involve, for instance, data transfer between competition authorities, tax and customs administrations, and it could also be for the prevention and investigation, detection and prosecution of criminal offences.

As you rightly said, this issue has been raised in the umbrella agreement on the protection of personal data. As Parliament has been informed, this negotiation is still continuing. For the moment we have not yet reached a conclusion with this negotiation. As Parliament also underlined, this is an element which, for my colleague who is responsible for taxation, has to be seen in the framework of the FATCA regulations.

Here I would like to make it very clear (this may be new information for Parliament) that the Commission has raised this issue with the United States regularly and intensively in the framework of the Financial Markets Regulatory Dialogue and, as a result of the discussion, on 6 February the US announced that the Foreign Account Tax Compliance Act (FATCA) should be complied with by the transfer of data between tax administrations rather than by the imposition of direct obligations on EU financial intermediaries. So that is good news, which now has to be put into a clear text. But this is the direction we want to go in, and the Commission will continue to work with the US and with the Member States in order to identify the best way to address this issue and achieve legal certainty and compliance with the EU Charter of Fundamental Rights.

When I speak here about the United States, this means that it also applies to other third countries. The relations between the EU and the United States are those which are most discussed, but in future we will certainly also have many discussions about other continents with which we have a specific relationship.

  Agustín Díaz de Mera García Consuegra, en nombre del Grupo PPE. – Señor Presidente, entiendo que la normativa en materia de protección de datos puede tener su fundamento en estrategias de seguridad interior. Pero no podemos olvidar que su impacto extraterritorial puede vulnerar derechos de los ciudadanos europeos.

Han surgido más que dudas en los casos Medicare Act, FISA, Patriot Act o FATCA. En muchos de ellos encontramos la obligación que se impone a las entidades financieras europeas, entendidas en su concepto más amplio, de proporcionar información de todo tipo como puede ser la titularidad y naturaleza de sus cuentas o la retención de pagos, entre otras.

No hay una resolución previa que justifique la obtención de todos estos datos, ni tampoco los usuarios conocen el destino que se les da, ni el tiempo durante el cual van a permanecer almacenados.

Es necesario, por tanto, adoptar medidas y diseñar un cuerpo normativo y legislativo para evitar la violación del principio de territorialidad. Debemos ser capaces de mantener intactas las relaciones exteriores de la Unión, así como la seguridad de nuestro territorio, pero todo ello con respeto absoluto hacia los derechos de todos los ciudadanos europeos.

Tarea en la que debe empeñarse, con mucho más empeño, con mucho más interés, la Comisión Europea.

  Δημήτριος Δρούτσας, εξ ονόματος της ομάδας S&D. – Κύριε Πρόεδρε, οι πιθανές εξωεδαφικές επιπτώσεις της νομοθεσίας τρίτων χωρών, ιδιαίτερα των Ηνωμένων Πολιτειών της Αμερικής και κυρίως στον τομέα της προστασίας των δεδομένων, έχει αυτονόητη μεγάλη σημασία για το Ευρωπαϊκό Κοινοβούλιο. Είναι επιτακτικό για εμάς στο Ευρωπαϊκό Κοινοβούλιο να γνωρίζουμε με ξεκάθαρο τρόπο και από εσάς την ίδια την Επίτροπο, εάν υπάρχει παραβίαση της σχετικής νομοθεσίας της Ευρωπαϊκής Ένωσης για την προστασία, ιδιαίτερα, των δεδομένων. Αφορά άμεσα τα δικαιώματα των ευρωπαίων πολιτών, έχει επιπτώσεις και στον οικονομικό κόσμο εντός της επικράτειας της Ευρωπαϊκής Ένωσης.

Θα ήθελα όμως, με την ευκαιρία της σημερινής μας συζήτησης, να επαναλάβω και κάτι το οποίο είχα πει λαμβάνοντας αφορμή από την πρόσφατη παρουσίαση των προτάσεών σας για την αναθεώρηση της οδηγίας προστασίας προσωπικών δεδομένων του 1995 η οποία, το επαναλαμβάνω και αυτό, είναι για εμάς στη σωστή κατεύθυνση. Διανύουμε μία περίοδο κατά την οποία η Ευρώπη κατηγορείται για έλλειψη ηγεσίας. Η Ευρωπαϊκή Ένωση, δυστυχώς, έχει χάσει κύρος και βάρος διεθνώς και ιδιαίτερα στον τομέα της εξωτερικής πολιτικής, αλλά αυτό βεβαίως είναι μια άλλη ιστορία.

Στα θέματα προστασίας προσωπικών δεδομένων όμως, η Ευρώπη βρίσκεται στην πρωτοπορία και δείχνει τον δρόμο και σε άλλες χώρες εκτός της Ευρωπαϊκής Ένωσης. Ελπίζω και είμαι σίγουρος, μετά από πολλές συζητήσεις που είχα και μαζί σας, ότι η Επιτροπή και εσείς προσωπικά θα συνεχίσετε με την ίδια αφοσίωση το έργο προς αυτή την κατεύθυνση.

  Véronique Mathieu (PPE). - Monsieur le Président, Madame la Commissaire, les normes de protection des données personnelles des pays tiers diffèrent encore considérablement des normes européennes. Il est cependant de notre devoir de nous assurer que nos standards minimaux européens de protection, dont nous nous prévalons, soient respectés et garantis au citoyen européen. Il est fondamental que les données à caractère personnel soient traitées loyalement et collectées à des fins déterminées et légitimes. Les citoyens européens doivent se voir garantir un droit d'accès et de rectification aux données personnelles les concernant et pouvoir introduire un recours juridictionnel en cas de violation de leurs droits.

Il faut agir pour permettre aux normes européennes et internationales de coexister et régler un conflit juridique potentiellement préjudiciable au citoyen européen. La législation européenne seule ne suffit pas. Elle doit s'articuler et coexister intelligemment avec des normes internationales, car nous ne pouvons nous défaire de nos devoirs et engagements envers les citoyens européens.

Cette situation fait écho à d'autres débats au sein de cette enceinte. Elle nous rappelle la pertinence de projets tels que la mise en place d'un programme européen de surveillance du financement du terrorisme. Un tel système nous permettrait de disposer d'un outil, qui a démontré son efficacité aux États-Unis tout en respectant pleinement le droit interne, et donc la protection des données personnelles des citoyens européens.

Les institutions européennes doivent continuer leur engagement en ce sens et assumer pleinement leurs normes de protection.

  Sophia in 't Veld, author. − Mr President, I do not know about the procedure. Simply, the most important question has remained unanswered, and I would like to be able to put the question again to the Commissioner in order to get an answer before we leave.

The question is: under current EU data protection rules, what can a company do to protect itself if it has an operation in the US and it has to comply with the subpoena? The subpoena says that data stored in Europe – and therefore covered by EU law – must be provided to the US authorities. This is not through a mutual legal assistance treaty; this is a company which has an operation in the US and is being obliged to provide data stored in the EU.

That data is covered by EU laws. How is the Commission going to protect those companies, which are asking for protection?

„Catch the eye“-Verfahren

  Phil Prendergast (S&D). - Mr President, in the context of the potential threat to EU citizens’ rights to data protection and privacy from third countries, I am particularly concerned at the provisions foreseen in the Anti-Counterfeiting Trade Agreement with regard to international cooperation, which compound the serious questions that the Treaty raises.

I intend to pursue this matter with the Commission and hope that the Commissioner will enlighten us on the implementing measures necessitated by these international cooperation provisions.

  Inês Cristina Zuber (GUE/NGL). - Senhor Presidente, na nossa opinião temos assistido, nos últimos anos, a uma vaga securitária e repressiva impulsionada pelo imperialismo, principalmente com a pretensa justificação do chamado combate ao terrorismo, que afronta liberdades públicas e direitos e garantias fundamentais dos cidadãos, empobrecendo progressivamente a democracia que temos. Preocupam-nos factos que são do conhecimento público, como a utilização ilegal de dados pessoais por parte da CIA, por exemplo, ou o estabelecimento de convénios União Europeia-Estados Unidos, como é o exemplo do acordo SWIFT, que faz com que criminosos e inocentes, suspeitos e insuspeitos, todos entrem num processo que não assegura a sua eficácia. Para além disto existe o risco de se perseguirem, através da utilização dos dados, todos os movimentos de resistência sob o pretexto de combate ao terrorismo.

Não podemos trocar a liberdade por mais segurança porque no final perdemos ambas. Estes dois valores não são incompatíveis, antes pelo contrário, uma sociedade só pode ser mais segura garantindo amplos direitos e liberdades democráticas.

  Jaroslav Paška (EFD). - Ochrana údajov občanov a inštitúcii Európskej únie je garantovaná právnymi a zmluvnými dokumentmi Únie. Akákoľvek ingerencia tretích krajín do chránených práv našich osôb je neprípustná. Preto je podľa môjho názoru nevyhnutné v záujme udržania si dobrých vzťahov so Spojenými štátmi viesť s nimi otvorený dialóg v záujme vytvorenia lepších partnerských vzťahov. Európska únia zatiaľ nie je kolóniou Spojených štátov amerických, a preto exteritoriálne účinky amerických zákonov na území Únie nemôžme akceptovať. Naši občania právom očakávajú, že Európska komisia si je vedomá týchto základných pravidiel a pri rokovaniach v rámci regulačného dialógu dosiahne s americkými partnermi takú dohodu, ktorá odstráni pochybnosti našich občanov a inštitúcií o možných účinkoch zákonov Patriot či FACTA na ich život.

  Elena Băsescu (PPE). - Această dezbatere este binevenită, cu atât mai mult cu cât astăzi am discutat şi subiectul respectării drepturilor omului.

Consider că problema transferului de date către statele terţe trebuie abordată în mod echilibrat. Transferul informaţiilor este necesar pentru a combate terorismul. Totodată, trebuie respectat un prag minim al dreptului la o viaţă privată, prin aplicarea principiului proporţionalităţii.

Reamintesc dezbaterile provocate de negocierea Acordului PNR dintre UE şi Statele Unite. Acordul final conţine clauze care să asigure acest echilibru. Spre exemplu, se pot comunica informaţii doar în scopul luptei împotriva infracţiunilor grave şi numai pentru anumite operaţiuni. Prin garanţiile incluse în tratat se oferă un grad sporit de transparenţă faţă de cetăţeni, iar informaţiile cu caracter sensibil sunt protejate prin condiţii stricte de utilizare.

  Silvia-Adriana Ţicău (S&D). - Mă voi referi în contextul acestei dezbateri la registrul cu numele pasagerilor.

Uniunea a semnat sau renegociază acorduri bilaterale privind registrul cu numele pasagerilor cu Statele Unite ale Americii, Canada şi Australia. Parlamentul analizează acum propunerea de directivă privind PNR, ce instaurează un tratament comun pentru registrul cu numele pasagerilor pe întreg teritoriul UE. În ţările terţe, există însă sisteme diferite privind protecţia datelor faţă de cel al Uniunii Europene. În cadrul Comisiei TRAN, am solicitat ca transmiterea datelor PNR să se realizeze, în cazul ţărilor terţe, numai dacă există garanţii corespunzătoare în ceea ce priveşte protecţia datelor personale, iar stocarea, prelucrarea şi analiza datelor PNR ale pasagerilor zborurilor internaţionale să aibă loc doar pe teritoriul Uniunii Europene, astfel încât legislaţia aplicabilă să fie legislaţia europeană privind protecţia datelor cu caracter personal.

În cazul PNR, întreb Comisia: cum garantează cetăţenilor europeni că transmiterea şi prelucrarea datelor personale beneficiază de protecţia legislaţiei Uniunii Europene?

  Kay Swinburne (ECR). - Mr President, time and time again in the Committee on Economic and Monetary Affairs, when we have considered the Alternative Investment Fund Managers Directive (AIFMD), short-selling, the European Market Infrastructure Regulation (EMIR) and now the Markets in Financial Instruments Directive (MiFID), we have dealt with the issue of the extraterritorial implications of US legislation. The European institutions have all stated their commitment to maintaining open markets in order to keep investment flowing around the world.

However, we are yet to come up with a clear solution to the questions being raised tonight. As a result, we are having to insert clauses in our EU financial services legislation in order to give the EU equal weighting to the US in the regulation of financial entities and products.

We have been forced to incorporate word-for-word in EMIR what I consider to be protectionist language from the Dodd-Frank Act. This does not seem to be an optimal solution to this problem, but I cannot yet see an alternative to US regulatory overreach into European companies and markets.

The implications of these extraterritorial provisions for access to and from our financial markets for Asia, Latin America and the rest of the world are yet to be seen, yet any solution that is proposed must above all else not just suit the US.

Ende des „Catch the eye“-Verfahrens

  Viviane Reding, Vice-President of the Commission. − Mr President, I agree with the speakers: it is high time that we say to the rest of the world, to our partners, that we are a continent of 500 million citizens who must be respected, and that the laws which we have decided together with this House have to be applied on the territory of the European Union. You might have seen that the Commissioner who is speaking to you has been very explicit on this: saying that the high guarantees which are our values, which are in our European laws, must not be eliminated in relations with third countries.

This is why we already have laws in place, and we are going to improve and strengthen them with the guarantees which the Treaty and the Charter of Fundamental Rights give to our citizens. We will make our European laws –which have to be respected by third countries on our territory – stronger. This is exactly the reason why I have tabled before this House a reform of the 1995 data protection rules and why I have said very clearly – and you can see what is going on in other territories at the moment in the political discussions – that those laws which we make here will become a world standard. That is what we want to achieve in the future.

For the time being, I have been very clear on the fact that the data protection rules of 1995 are missing some elements, such as arrangements concerning infringements, which we have included in our reform. The monitoring of data protection law compliance is also left completely up to national authorities, who are not currently obliged to inform the public or the European Commission. This should be changed, because the set of rules on data protection should in future be made on a continent-wide level in order to reinforce application.

Since the entry into force of the Treaty of Lisbon, agreements which we have with third countries – colleagues have been speaking about SWIFT and PNR – have to be agreed on by Parliament. This has dramatically changed the way that third countries approach the European Union. Lessons have been learnt from the way in which questions on SWIFT were dealt with. PNR is under discussion now and you know that the umbrella agreement which I negotiated with the United States will be on the table for this House to accept or to reject.

In the ACTA agreement, which this House also has to decide upon, the internet freedom provision has been included in the final text of the legislation precisely because of the remarks made by this House, because we do have problems (in answer to the question from the Member asking the fundamental question of tonight’s debate), because there is the problem of the conflict between two jurisdictions. This is a conflict of international law – and such issues of international law must be clarified by the Court in The Hague – but we have tried in our new legislation to clarify all these points.

If you read Recital 90 of the Regulation you will see, and I quote, that: ‘the extraterritorial application of these laws, regulations and other legislative instruments may be in breach of international law and may impede the attainment of the protection of individuals guaranteed in the Union by this Regulation’. That is why transfers should only be allowed where the conditions of this regulation for the transfer to third counties are met. That is what we have to work on now, beyond the conflicts which will arise between partners, beyond the international agreements which we have to vote on in this House and beyond the implementation of our European legislation in the framework of international law.

I therefore count on your support in the forthcoming legislative process on the data protection legal framework and on the umbrella framework, in order to clarify these points and in order to make it crystal clear that, on European territory, European law has to be applied.

  Der Präsident. − Herzlichen Dank, Frau Kommissarin! Schade, ich hätte es beinahe geschafft, noch vor 23.00 Uhr die Sitzung schließen zu können. Ich möchte aber den Kollegen hier für ihre Disziplin danken. Ich bedanke mich sehr bei den Saaldienern, bei den Mitarbeitern der Dienste des Hauses, und nicht zuletzt bei den Übersetzern für ihre Arbeit. Herzlichen Dank für den heutigen Tag.

Die Aussprache ist geschlossen.

Schriftliche Erklärungen (Artikel 149)

  Carlos Coelho (PPE), por escrito. – Tendo em conta que o nível de proteção de dados na UE é bastante mais elevado e abrangente do que na grande generalidade de países terceiros, foi importante consagrar o alcance extraterritorial da Diretiva, de modo a evitar que as empresas europeias pudessem transmitir dados pessoais para as suas instalações fora da Europa, com um processamento offshore de modo a tornearem a aplicação dos limites rigorosos impostos pela Diretiva.

A Diretiva proíbe a transmissão de dados pessoais para qualquer país terceiro que não tenha um nível de proteção de dados adequado. Neste momento, é muito reduzido o número de países que, segundo a Comissão, satisfazem este critério. É inaceitável que possam acontecer casos como o SWIFT, em que, no contexto de transferências internas da empresa, dados pessoais europeus, por se encontrarem em território americano, tenham que ser disponibilizados às autoridades americanas, anulando os direitos e as garantias oferecidos pela legislação europeia aos cidadãos e às empresas. É necessário e urgente adotar as medidas necessárias que permitam garantir uma efetiva aplicação das regras de proteção de dados europeias, bem como para evitar que eventualmente a legislação de países terceiros possa ter primazia sobre a legislação comunitária na proteção dos interesses dos cidadãos europeus e das empresas sediadas na UE.