"The PRISM case was a wake-up call that shows how urgent it is to advance with a solid piece of legislation" on data protection, said Commissioner Reding in her opening remarks. Reporting back on her 14 June meeting with US Attorney General Eric Holder in Ireland, she said: "We agreed to set up a transatlantic group of experts to address concerns".
"What is happening now is really shocking: (...) we cannot allow Americans to spy on EU citizens (...) even if it is a security matter", said Veronique Mathieu (EPP, FR). She also stressed the need to speed up work on the new EU data protection legislation and asked to be fully informed on the work of the above expert group.
"Are those experts known already? When are they meeting?" asked Judith Sargentini (Greens/EFA, NL). Timothy Kirkhope (ECR, UK) called for "a proper investigation" to "gather facts and details". He welcomed the use of IT tools to fight terrorism, provided it is always done in a "lawful way", and expressed support for the Commission.
Ms Reding confirmed that "not all the questions have been answered in Ireland". She stressed that EU citizens' data should have the same protection as those of US citizens and announced that the first meeting of the expert group should be held in July.
She also agreed that new data protection rules must be agreed quickly and "apply to all companies that operate in the EU", regardless of nationality or headquarters country.
"Our friends and partners go behind our backs and fish our citizens' data: this is dramatic" said Birgit Sippel (S&D, DE). "It is not true that this data is only used to fight terrorism. It is also used for immigration control", she continued, stressing that "We need to ensure that people's data are protected, whether or not they are suspected" of a crime".
"Our allies treat us not as friends but as suspects", said Sophia in't Veld (ALDE, NL). The EU needs to "show some backbone" and say where the limits are, she added.
Quizzing Ms Reding about a proposed data transfer safeguard, which would oblige third country authorities to request data through legal channels, she asked "Why between the first leaked draft and the official draft (...) was the jurisdiction deleted?" "Have Americans have been going through the draft with a red pen?"
Ms Reding replied that the red line is "never agree to go under the 1995 (data protection) directive standards". She added that the data transfer safeguard is currently just a recital in the draft legislation, but if Parliament "wants to make it an article I have no objection".
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.