International cooperation to shape common policies for cybersecurity and data protection

 The United States and the European Union have agreed to treat cybersecurity, cyber crime and data protection as international issues, cooperatively developing polices based on shared values.

Mary Ellen Callahan, chief privacy officer of the Homeland Security Department, called the recent joint statement on these principles by U.S. and E.U. officials a major milestone in data protection and data sharing.

“The next step is negotiating a binding international E.U.-U.S. agreement based on these common principles to facilitate further cooperation while ensuring the availability of full protection for our citizens,” she said.

The pledge is intended to extend ongoing efforts to align U.S. and E.U. policies on transatlantic issues, as Europe updates its human rights policies in the Stockholm Programme, expected to be completed this year.

“We would like to take this opportunity to renew our partnership for the next five years,” the statement said.

The statement is short on specifics, setting a goal of deepening transatlantic cooperation “in the pursuit of greater justice, freedom and security.” It cites achievements made by the two communities in areas ranging from the exchange of airline passenger information to efforts to close the Guantanamo Bay detention facility, and lays out areas where there is need for continued “balanced, agile, creative and forward-thinking” cooperation, including technology issues.

“Scientific and technological cooperation is indispensable to enhance the security of our societies,” the statement says. “We will therefore further deepen our cooperation in the area of civil security research, in particular via our newly extended and amended Agreement for Scientific and Technological Cooperation.”

Although both the United States and the European Community acknowledge shared values for justice and privacy, aligning policies on the use of personal information has been a stumbling block in the past. Information on transatlantic airline passengers is exchanged between countries, but European privacy requirements put tighter restrictions on that information than does the United States. The statement calls for building a permanent agreement built on shared values.

“We recognise the critical importance of providing a high level of effective protection of personal data,” it said. “The negotiation of a binding international EU-U.S. agreement should serve as a solid basis for our law enforcement authorities for even further enhanced cooperation, while ensuring the availability of full protection for our citizens.”

The two sides pledged continued cooperation in fighting cyber crime, which often crosses borders. This will include annual meetings of U.S. and E.U. prosecutors, and promotion of the implementation of the Council of Europe Convention on Cybercrime.

Protection of critical infrastructure, including cyber resources, also will be a subject of continued cooperation.

“Recent cyber attacks are a reminder of the urgent need for action,” the statement said. “We are resolved to prevent attacks against our information systems and develop means to swiftly respond to threats of an increasingly global nature. We will work cooperatively to recover from major critical information and communication system failures.”

However, the Internet can be used as a tool for terrorism as well as being a target, which creates a new set of problems for national and international policy. “The misuse of the Internet for disseminating violent and radicalizing messages is a worrisome phenomenon that we need to consider within the context of legal restraints and operational needs,” the parties said.

How far nations should go in regulating Internet content is sure to create controversy both between countries and in them.