The bilateral agreement concluded last week between the United Kingdom and the United States, which allows law enforcement authorities on both sides in criminal investigations to have direct access to electronic data stored by companies in the other country, has raised serious concerns and questions in the European Union.
Signed on 3 October as part of the US CLOUD Act, the agreement comes one week after the EU and the US formally began negotiations on an agreement on cross-border access to electronic evidence (see EUROPE 12337/27).
MEPs Moritz Körner (RE, Germany) and Sophie in't Veld (RE, Netherlands) have sent a written question to the European Commission on this subject. “Considering that the UK is still an EU Member State, does the Commission consider this bilateral agreement to be in line with EU law? [...] If not, will it start infringement proceedings?” they asked.
In their view, the bilateral agreement also removes, in most cases, the requirement of prior judicial authorisation for access to personal data.
MEPs are also concerned about whether this agreement sets a precedent or could restrict the EU’s room for manoeuvre in the current negotiations with the United States.
The European Commission has indeed, on several occasions, warned Washington against the temptation of negotiating bilateral agreements with some Member States (see EUROPE 12304/4).
MEPs also asked the Commission about the consequences of this agreement for the adoption of an adequacy decision on the protection of personal data once the country has left the EU. (Original version in French by Marion Fontana)