VIENNA (Reuters) - A watchdog in Ireland, home to the European headquarters of Apple and Facebook, says it will not investigate them for transferring personal data to a U.S. spy agency because they have signed up to EU privacy principles.
The Irish Office of the Data Protection Commissioner (ODPC), had been challenged by an Austrian student activist group to investigate allegations that the U.S. National Security Agency harvests emails and other private data from the companies in a mass electronic surveillance program known as Prism.
But in an email published by the student group, europe-v-facebook, the ODPC said the companies were covered by ‘Safe Harbour’, a system that allows U.S. firms to certify themselves as compliant with EU data protection law by signing up to a set of principles supposed to safeguard how personal data are used.
The European Union adopted Safe Harbour in 2000, seven years before the NSA began the Prism program that was revealed by fugitive intelligence contractor Edward Snowden last month.
“We do not consider that there are grounds for an investigation under the Irish Data Protection Acts given that ‘Safe Harbour’ requirements have been met,” the ODPC wrote to europe-v-facebook.
An ODPC spokeswoman told Reuters: “If something is agreed by the European Commission for the purpose of providing safeguards, that ticks a box under our jurisdiction.”
Max Schrems, the founder of europe-v-facebook, said: “We have the impression that the ODPC is trying to simply ignore the complaints and the whole Prism scandal.”
The 25-year-old law student is also awaiting responses to complaints he has filed against Yahoo in Germany and Microsoft and Skype in Luxembourg.
Snowden’s leaks about NSA eavesdropping methods have caused widespread outrage among both friends and foes of the United States. Freedom-of-expression group Index on Censorship launched a petition together with five other campaign groups on Thursday calling on European heads of government to discuss the issue at their next summit in October.
Ireland, which has courted U.S. business for decades and offers attractive tax rates, is home to the European headquarters of some of the biggest U.S. technology companies including Microsoft and Google, which are also alleged to have cooperated with the Prism program.
The companies, which are restricted by law as to what they can disclose about their involvement, say they have not given direct access to their servers to any government agency, and have only provided user information in accordance with the law.
The Snowden affair has raised questions about the efficacy of Safe Harbour. The data protection commissioner for the German state of Bremen called on Wednesday for the European Commission to suspend it indefinitely in light of the “excessive surveillance by foreign secret services”.
Viviane Reding, the European Commissioner for Justice, Fundamental Rights and Citizenship said this month: “The Safe Harbour agreement may not be so safe after all.” A spokeswoman for her office said the Commission was working on an assessment of the agreement, which it would present by the end of the year.
Additional reporting by Ethan Bilby in Brussels and Madeline Chambers in Berlin; Editing by Mark Trevelyan