Brussels, 02/09/2011 (Agence Europe) - On Thursday 1st September, the European Commission was accused of being “evasive” regarding the use of personal data stored by companies using cloud computing services operating in the EU with their main office or activities in the United States and, more specifically, with regard to the European or US laws that should apply to these companies.
In early July, four MEPs from the ALDE Group had quizzed Commissioner Viviane Reding on this subject. Sophia in't Veld, Sarah Ludford, Renate Weber and Alexander Alvaro had asked her about the possibility that US authorities might gain access to personal data stored in the EU on the basis of the Patriot Act and that they would thus circumvent the 1995 European directive on data protection (currently under review).
This fear was exacerbated by a statement made by the director of Microsoft United Kingdom in June, who said data stored in the context of cloud computing services throughout the world were not protected against the Patriot Act and that, in this specific case, as Microsoft had its main office in the United States, only US jurisdiction applied.
Commissioner Reding has not really answered this request for clarification, according to several sources from the civil liberties committee. The four MEPs therefore restated their request for clarification on Thursday 1st September.
In a press release, they said this was a “matter of urgency”. “Companies operating in Europe need to know if the data stored on their EU servers are protected by European laws, or if they fall within the jurisdiction of a third country”, said Sophia in't Veld.
Renate Weber took the view that the Commission must also clarify the “difficult position of certain EU-based companies currently facing US subpoenas under the Patriot Act and if necessary raise this matter with the US”. (S.P./transl.jl)