11 January 2011
Question for oral answer
to the Council
Sophia in ‘t Veld, Renate Weber, Baroness Sarah Ludford, Sonia Alfano, Jens Rohde, Gianni Vattimo, Marietje Schaake, Nathalie Griesbeck, Alexander Alvaro, Nadja Hirsch, Jelko Kacin, Marielle De Sarnez, on behalf of the ALDE Group
Subject: US subpoenas in relation to Wikileaks and EU data protection rules
There have been media reports about US authorities’ subpoenas to Twitter and possibly other internet firms, such as Google and Facebook, ordering the handover of personal data, messages and communications of persons possibly related to Wikileaks, including those of an Icelandic MP and a Dutch citizen. A subpoena was sent on 14 December 2010 from the Department of Justice to Twitter and a US district court ordered the handover of data from November 2009 to the present day(1). On 7 January 2011, Twitter made this information public, after winning a legal battle concerning the right to inform the individuals involved.
Can the Council, as a matter of urgency, seek official and detailed clarifications from the US authorities about the subpoena(s), whether they are connected to a criminal enquiry regarding illegal acts (and if so, provide information), the data requested, the sources, media and communication companies concerned, as well as any other relevant information on the case?
Can the Council also clarify the following, as a matter of urgency:
– the issue of jurisdiction and the legality of its apparent extra-territorial application, and the compatibility of these legal moves with protection of the privacy of EU citizens, including the question of whether any European or national data protection law has been or could be violated;
– whether it is aware of any similar subpoenas issued in the past in relation to personal data of EU citizens and what action it took in this regard;
– what representations will it make to the US authorities and media and communication companies, and what action will it take in the case of violation, actual or prospective, of EU data protection rules?
(1) The data requested includes: subscriber names, user names, screen names, or other identities; mailing addresses, residential addresses, business addresses, e-mail addresses and other contact information; connection records, or records of session times and durations; length of service (including start date) and types of services utilised; telephone or instrument number or other subscriber number or identity, including any temporarily assigned network address; means and source of payment of such service (including any credit card or bank account number) and billing records; records of user activity for any connections made to or from the account; non-content information such as IP addresses and source or destination email addresses; correspondence and notes of records related to the accounts. Source: http://www.ibtimes.com/articles/99141/20110110/twitter-wikileaks-google-facebook-us-government-court-secret-private-data-information-julian-assange.htm