Privacy rights vs. terror fights: The EU and the United States are close to agreeing on how to protect personal and private data while still letting law enforcement officials share information to combat organized crime and terrorism.
Eighteen months of closed-door talks between European and American officials have already led to agreement on key principles for data-sharing, according to Jonathan Faull, director of the European Commission's justice and interior affairs department.
Faull told reporters Wednesday that formal talks could begin later this year, with a final binding deal reached in 2009.
The agreement aims to end criticism from privacy advocates and EU officials who have called for more guarantees that European privacy rights are respected by U.S. authorities as they seek access to more data from Europeans for security purposes.
European privacy rules are generally stronger than those in the U.S., and authorities have clashed in recent years over specific deals reached to transfer data taken from passengers flying to the United States and on banking and financial data transfers.
Faull said the pact would not give a blank check to U.S. or European police authorities to snoop into e-mails, bank accounts, credit card details or telephone records across the Atlantic.
"It is not the case ... that anything goes," he said.
Privacy groups remained skeptical, characterizing the talks as an attempt by the United States to weaken European privacy laws. U.S. Homeland Security Secretary Michael Chertoff wants to develop a common database of fingerprint and personal-data screening and wants access to EU visa applicant data files.
"The European Union, having enacted strong legislation to protect the privacy of its citizens, cannot be asked to render that legislation meaningless by allowing its citizens' data to be shared with a country that is, in privacy terms, all but lawless," said Barry Steinhardt, director of the American Civil Liberties Union's Technology and Liberty Project.
Faull said the two sides agreed to broad guidelines that limit the time data can be used or stored; provide oversight from privacy officers; and allow individuals to access and correct data collected on them.
He said negotiators had also agreed that the most sensitive and personal data will not be used, such as race or ethnic origins, political opinions, religious beliefs, trade union membership, health or sexual details. That information is declared off-limits under EU human rights and privacy rules.
The two sides still disagree on how Europeans can seek redress in U.S. courts when they feel their privacy rights have been violated. Faull said U.S. law does not let foreigners who do not live in the United States file lawsuits in such cases.
The American and European negotiators also differ over which law enforcement investigations the data can be used for and whether the data can be passed to other countries.