WASHINGTON – Undersecretary of Commerce David Aaron will make a strong push to wrap up privacy negotiations with the Europeans before he leaves office on March 31.
That date is the latest in a series of deadlines the two sides have set for agreement but each time failed to meet. Aaron postponed his resignation in order to continue talks right up to the last day.
Aaron has been the chief negotiator since US-EU negotiations on the contentious issue of providing “adequate” protection for European data sent to the US began more than two years ago.
“We’re not committed to finishing up by that date,” International Trade Administration spokesman Daniel Cruise said. “It’s not an absolute deadline and it’s not drastic if they don’t reach agreement by then.”
But both Aaron and his European counterpart, John Mogg, Director General of the EC’s DGXV section, “are very intent on trying to reach a compromise by then.” Cruise added. Aaron and Mogg meet again the week of Feb. 20 in Brussels.
Before that meeting Aaron will visit half a dozen European capitals to discuss outstanding issues with data protection authorities, principally in Spain, Portugal, Germany and France. A final meeting between the two men will probably take place before the end of March.
With only enforcement of the so-called “safe harbor” provisions – a set of seven principles designed to afford adequate data protection – still an issue, the US was encouraged by positive signals coming from Brussels.
Last month Aaron invited members of the EU’s Article 31 committee, which oversees the EU’s data protection directive, a law that triggered the current controversy, to Washington on a fact-finding mission.
The idea was to allow them to study just how effective US measures to protect data shipped from Europe to the US really were. “I would say they found our system to be very impressive and I think this has been very productive for them and for us,” Aaron said at the time.
The group discussed enforcement measures – what the US would do to companies who signed on to the safe harbor principles and then violated them, with officials at the FTC, the Treasury, the controller of the currency and various US privacy groups.
The DMA sent two of its top officials to brief the Article 31 group. One of them, Charles Prescott, the vice president for international affairs, said the presentation had been well received.
The underlying problem in these negotiations, Aaron has pointed out, rests on the difference in enforcement mechanisms. The Europeans rely on government mandate while the US has a mixed system of government rules and private self-regulation.
Concrete examples involving Microsoft and Real Music were discussed at the meeting, Aaron said, and how they were followed up – companies had corrected the challenged behavior as testified by third party auditors.
The key, Aaron said, is that if a company agrees to follow certain privacy practices and does not do so, it is not only subject to the self-regulation it has signed on to but would also fall afoul of the FTC for “deceptive and misleading business practices.”
Cruise said the Article 31 committee members had met with Mogg in Brussels after their return and that “their feedback had been very positive. They were very impressed with what they saw and we hope that will contribute to moving towards agreement.”
Aaron has said that both sides had compelling incentives for settlement:
Without one the EU won’t have assurances of adequate data protection, while US companies would remain anxious about when the current tacit “still stand” agreement would end and the Europeans could cut off the flow of data to the US.
Should the two sides fail to reach agreement by the time Aaron leaves, he would be replaced by Barbara Wellberry, the counselor the Undersecretary on e-commerce issues. She has been in on the talks since the start.