Strict enforcement of existing European data protection laws...

data flows and on the functioning of the safe harbor agreement that allows European companies to send personal data to the U.S. In addition, the EDPS said, reformed EU data protection rules should require clarity and consistency in addressing issues such as prerequisites for data transfers, processing of personal information for law enforcement purposes and conflicts of international law. He urged quick progress to thwart attempts by political and economic interests to narrow fundamental privacy rights. Hustinx stressed that massive monitoring of communications violates EU data protection and fundamental rights measures. Any exceptions to those rights for national security purposes should only be permitted if they are strictly necessary, proportionate and in line with European case law, he said. In addition to existing legislation, stronger laws and agreements are needed in the future to restore confidence that has been seriously undermined by various snooping scandals, he said. Other recommendations included: (1) Tighter deadlines for review of safe harbor and followup if any deficiencies remain. (2) Ensuring that current talks on an EU-U.S. “umbrella” agreement for law enforcement cooperation don’t legitimize massive data transfers but comply with existing rules. (3) Working toward more interoperability of national legal privacy frameworks. (4) EC-lead education initiatives on the security of data processed on the Internet in EU institutions and relevant bodies in member countries.