Data sharing deal with US must end due to 'mass surveillance' – EU court advisor

The European Court of Justice's top legal aid has said that a 15-year-old agreement that eases the transfer of data between the EU and the US should be ended, accusing American intelligence services of conducting “mass, indiscriminate surveillance.”

The ECJ's advocate-general, Yves Bot, said on Wednesday that the Safe Harbour agreement does not do enough to protect the private information of EU citizens once it arrives in the US, adding that it should have been suspended.

Safe Harbour allows US firms to collect data on their European customers. The system is used by Google, Facebook, and more than 4,000 other companies.

However, it also allows the NSA to use the Prism surveillance system exposed by Snowden to wade through the personal data, communication, and information held by nine internet companies.

Using Facebook as an example, Bot said that users “are not informed that their personal data will be generally accessible to the United States security agencies.”

“Such mass, indiscriminate surveillance is inherently disproportionate and constitutes an unwarranted interference with the rights guaranteed by articles seven and eight of the charter [of fundamental rights of the EU],” he said, adding that European internet users have no effective judicial protection while the data transfers are happening.

Bot added that if any EU country believes that transferring data to overseas servers undermines the protection of citizens, it has the power to suspend those transfers “irrespective of the general assessment made by the [EU] commission in its decision.”

But despite allegations from Bot, Facebook has denied accusations that it provides 'backdoor' access to its servers.

Sally Aldous, a spokeswoman for the social media giant, said on Wednesday that the company “operates in compliance with EU Data Protection law. Like the thousands of other companies who operate data transfers across the Atlantic we await the full judgment.”

"We have repeatedly said that we do not provide ‘backdoor’ access to Facebook servers and data to intelligence agencies or governments,” she said.

Although Bot's opinions are not binding, they are typically followed by the ECJ's judges, who are considering a complaint about the arrangement in the wake of US surveillance revelations from former NSA contractor Edward Snowden.

The EU court's decision is expected in the next four to six months.

The European Commission has been in talks with the US for two years, discussing ways to strengthen the Safe Harbour framework amid calls for its suspension.

Meanwhile, many US companies have praised the 2000 Safe Harbour deal, saying it helps them avoid complicated checks to transfer vital data, including payroll and human resources information.

An end to the agreement would cause a headache for US companies operating in the EU, as well as bring about the potential for a varying of national approaches, lawyers said, as cited by Reuters.

It comes just six months after 27-year-old Austrian law student Max Schrems filed a complaint against Facebook, alleging the social media site was helping the NSA harvest email and other private data by forwarding European data to servers in the US.