 Hello everyone, and good evening ladies and gentlemen, my name is Christopher Hill. I'm a political scientist, I'm in the wrong place. I've fallen among strangers. No here, as everybody knows, not only are we physically close to the Department of Politics International Studies to the Law Faculty, but we have lots of links, personal and disciplinary and particularly on matters European where it has a long tradition of collaboration. Yn y gweithio cyfath o'r ddau, ac yn ddod i ddim yn ei ddymarfodd i ni'n gweithio'r ddweud y llyfr ac y lech i gyd-dynai y Llyfr MacKenzie Stewart. Mae ydw'n gweithio'n gweithio ar gyfer 1998. Yn y rhan o'r Llyfr MacKenzie Stewart, ac rydych chi'n gweithio eich gweithio y Llyfr MacKenzie Stewart, a'r ddweud y Llyfr MacKenzie Stewart yn y gallu drws sy'n gweithio yma, Felly, yn ôl hyd o'r llwyddiad sydd wedi'u'r siwr, mae'r bobl yn ysgolwyr. Mae'r bobl yn ysgolwyr. Mae'n ddweud hynny sy'n golygu, mae'n ddweud o'r holl ffacol sydd wedi'i ddwyliadau a'r holl ddweud o'r ddechau. Mae'n ddweud o'r holl i ni ddim iddyn nhw'n mynd i'r holl fferm amser ac i'n ffroedd. Felly, y Stryd Dwyedd Cymru Cyngor Llywodraeth, gyda'r ystodfod yng nghymru. Mae nid yn ymwneud yma rydyn ni'n gweithio yng nghymru. But mae'r ysgrifennu i gyddoedd yng nghymru i ni'n ddweud ystodfod hynny. Mae'r Ymddangod Rhondda Ieisio Llywodraeth Cymru. Yr Ydyn ni'n ddweud i gyda'r ystodfod. Mae'r ystod gweithio cyd-diweddau yn rhoi am y cyfaint. Mae'n meddyliadau gwahaniaeth, oherwydd mae'n meddyl autyn nhw yma, yn y cwrs â gweithio ymlaen ymlaen. Mae'n ymlaen i'r Ffraeg, yn ymddiannau Llywodraeth, yn Llywodraeth, yn oed i'r Llywodraeth, yn ymlaen i'r Llywodraeth, yn Ymddiannol, yn ymlaen i'r ysgol Llywodraeth, yn ymdiannol, dd dxisgar . But more for the purposes of tonight He has an enormous experience across the divide of private and public sectors as well as across the scholarly practitioner divide and that's not so usual. He has served in the Clinture administration as director of European affairs in the National Security Council ac yn ddechrau'r evenidol o'r gawsbeth ddechrau'r agenda, yr Twflaeth Bysneslyny, ac yn dweud o ymddangos cymdeithas i ddiwethaf y cyfraedd ganddi mynd i fynd, ac mae'r bythyn ni'n meddwl, ac mae'n gyda'r cyflosu. Felly yn eich gweithio, maen nhw'n ei ffordd. Rwy'n meddwl, mae'n allanom yn y dyflomat mae'r ambasau hefyd yn unig. Gallwch yn ni, ond yn gweld y nifer o'r cyfnod. Mae'n ddweud o'r cyfnod o'r gweithio'r pond, ond rydyn ni'n ymweld y bwysig i'r busig yn ystafell. Felly mae'n ddweud o'r cyfnod o'r cyfnod. Ond mae'n amser i'r pwysig i'r gweithio'r cyfnod a'r ddweud o'r cyfnod o'r cyfnod o'r cyfnod o'r gweithio'r cyfnod, ac oherwydd oherwydd o'r ffordd o'r myfyrwyr yn ysgrifennu muniwch gweithio i'r amddangos y tŵd reifun ar gywe un o cardwc ddeidw'r cyflwyfyll â ymwneud, a delightiau y complaints. Ond rydym rhoi'r ystafell ynghylch yn dechrau'r bydd y cyfoeddiaeth yma. Ond ar gyfer y cyfrugwyr, a'r cyfrugwyr yn cirthu ffordd, mae'r cyfrugwyr yn cyfrwyr, a hefyd yn cyfoedd iawn, a'n cyfrwyr yn cyrwyng. So, Ambassador, it's a great pleasure to have you here, and we look forward to hearing what you have to say. Thank you very much for that introduction, Professor Hill, and thanks to Professor Armstrong and the Centre for European Legal Studies for this very kind invitation, and to Sherman and Sterling for giving me the opportunity to deliver this year's McKenzie Stewart lecture, and I feel very honoured to be the first US government official to do so. Now, your story about going native reminds me of a little story. Apparently it's true that when Secretary Schultz would greet the newly appointed ambassadors, US ambassadors to their posts, he would call them in to his office and he would walk them over to a large globe in the corner of his office and he would ask each of them to point to your country and they would point to their country where they had been posted and they said, no, and he would put his finger on the United States, that's your country, don't ever forget it. So I kind of remember that story because yes, I have spent 25 years of my life in Europe, I'm somewhat unusual, I have dual nationality, I'm also Italian, and it was thanks to my Italian citizenship that actually started my career in Brussels in 1990, I was a stagaire in then DG4, DG competition policy, and I ended up there thanks to a wonderful Professor George Berman and many of you know Columbia Law School and I took EU law and I said, this is unbelievable, I love this subject, I have to continue and he told me about the stag, I ended up there and I fell in love with it and I practiced law in Brussels for five and a half years, mostly competition policy and anti-dumping and that led on to my, as you said, to my working at the White House and I repeat this story all over Brussels, it's absolutely true, since you haven't heard it I can actually repeat it again and it's when I started at the White House in October 1994 to work on EU affairs in the National Security Council I got a somewhat glazed look from various people and they said, well that's wonderful, you're interested in EU affairs because no one else in this building cares about that stuff and things have changed so much, so I arrived in Brussels, the wheels have returned to the beginning of my career, I started up 11 months ago and I have to say it feels like a lot more than 11 months, so much has happened, there have been so many things, so many crises all at the same time. Today some of the most important bilateral issues between Washington and Brussels arise in areas that scarcely existed when I first worked on EU issues, of course then it was focused on competition issues, on trade policy, of course those are very important still, but one subject of increasing importance, less so then, very much so now is the coordination of sanctions and I can tell you with the Greek elections this is going to be again very time consuming and very problematic. European sanctions policy today is made collaboratively in Brussels rather than in individual European capitals and this evolution has given rise to intensive diplomatic and legal engagement between Washington and EU institutions and the second topic I wanted to raise tonight also was not a big issue when I first started out 20 years ago in the White House is digital law and policy reflecting the information revolution of course and concerns about personal privacy and sovereignty and I was worried when I was told I was going to get this job and I was waiting I thought oh my God I was going to spend my entire time fighting a defensive battle in the post Snowden atmosphere well luckily it hasn't quite turned out that way and I thank almost half jokingly thank Vladimir Putin for that he's pushed that issue to page 15 if it's there rather than page one so thank you Vladimir for doing that and this probably will still be the case so what about economic sanctions the United States government coordinates sanctions with the European Union in many areas including counterterrorism, Iran and Russia the EU's ability to coordinate and implement sanctions quickly and effectively despite widely diverging national interests and exposure to Russians particular case is one of its signal foreign policy achievements in recent years and the ability of the United States and the EU to coordinate sanctions has also been a notable example of transatlantic partnership we are stronger and more effective when we send uniform messages to offending governments companies and individuals and by acting in parallel we reduce possibilities for sanctions entities to evade the bite of restrictive measures but at the same time the US government is increasingly concerned about weaknesses in the European sanctions mechanism particularly when sanctioned individuals or companies challenge the correctness of their designations before the European Court of Justice and I know there are a few people in the audience tonight who have a lot of experience in this area there's nothing inappropriate about such challenges indeed due process the right to defence is ingrained in legal systems on both sides of the Atlantic the US government faced legal challenges in our federal courts now it is the turn of the European Union to face similar searching enquiry from the judges of the European Court of Justice in Luxembourg a recent case involved an alleged terrorist financier who challenged the EU's implementation of counterterrorism activities counterterrorism sanctions excuse me that have been agreed by the United Nations Security Council in the CAUTI case that many of you may know about the Court of Justice surprised the international law community by holding that the EU's implementation of a UN Security Council resolution was subject to European fundamental rights law in other words EU fundamental rights norms effectively were to be considered legally superior to primary international law since that judgment further lawsuits have uncovered a variety of structural and procedural weaknesses in the way the EU develops and administers sanctions measures the EU's Iran sanctions for instance concentrate on penalizing entities involved in nuclear proliferation in that country feriting out the facts to justify such conduct based listings is difficult it requires teams of analysts working together across national borders often in very time sensitive circumstances the US has learned the lesson the hard way in the 1990s when our government first used economic sanctions as a primary foreign policy tool we lost some cases before US federal courts because we hadn't done our factual homework properly today we have a sizable staff in our state and Treasury departments devoted to assembling detailed evidence that will stand up in court and as a result very few sanctions listings are successfully challenged in the United States the European Union has been slower to devote the additional resources needed to develop factual records that will withstand rigorous judicial scrutiny and it has paid the price most recently in the extraordinary decision by the court in December of last year to one know the EU's inclusion of Hamas in a list of terrorist groups according to the court the EU had based its periodic relisting on quote factual imputations derived from the press and the internet unquote rather than on its own analysis of the group's actions some key member states such as the UK fully appreciate the problem they've begun begun lending more experts to the European external action service and are providing it with better unclassified documentation the United States is also lending a hand in providing information and research support to the EEAS the external action service but satisfying the need for evidentiary support can sometimes be very challenging especially when countries act in a clandestine manner to pursue terrorism and illicit proliferation for example in these instances relevant evidence can only come from intelligence sources the general court of the European Union which hears sanctions challenges in the first instance currently has no authority to receive or handle confidential classified information in the United States on the other hand federal judges with security vetting are able to review both unclassified and classified portions of an administrative record following several recent annulments by the court of EU designations of Iranian entities the EU is recognized the need for a change in the court's rules to enable examination of classified information now although the divergence in member state legal traditions on the use of classified information in judicial proceedings has complicated the development of new common rules approval seems to be now within reach the United States is encouraged to see that the EU is strengthening its capability administratively and judicially to promulgate and sustain sanctions designations this is not only of critical importance in our common efforts to combat terrorism and apply pressure on Iran but also in our common efforts to apply pressure on Russia to change its aggressive behavior toward Ukraine just imagine if the challenges now to the designations of individuals that have been launched by have been filed by Russians in Ukraine and succeed the risk is the entire edifice of the EU sanctions regime is at risk with dramatic consequences what about data privacy where as the United States and the European Union are collaborating on sanctions the issue of data privacy has been as I alluded to earlier dividing us even before Edward Snowden surveillance disclosures raised European sensitivities to a higher pitch this is a pity because it puts at risk important agreements that promote transatlantic data transfer to facilitate commerce protect privacy and secure our borders for example the 2000 safe harbor framework regulates the export of personal data in the commercial context from the territory of the EU to the United States in the 2012 passenger name record agreement similarly facilitates the flow of information on transatlantic airline passengers for counter terrorism purposes and now PNR is very much in the news but more in the context of an EU passenger name record system which has been blocked by the parliament but is now being pushed by the member states today US and European Commission negotiators are finalizing revisions to the safe harbor framework that will modernize and improve its functioning and at the same time a separate team of negotiators is in the final stages of work on a so-called umbrella law enforcement data protection agreement that would establish a comprehensive framework for information sharing between law enforcement authorities but as we negotiate rulings again from the EU courts are raising new challenges for the future of these agreements in April of last year for example the European Court of Justice invalidated the EU's data retention directive law which had required member state communication providers to retain meta data for up to two years so that it would be available when needed by law enforcement investigations two features of the court judgment were particularly striking first the court appeared to suggest that any retention of personal data in bulk was simply inconsistent with EU fundamental rights precepts second it criticized the EU directive for not requiring the collected data be retained within the territory of the European Union where European data protection authorities could exercise supervisory control over it not surprisingly critics of international law enforcement information sharing have seized upon this judgment to challenge the appropriateness of sharing of airline passenger name records when the European Commission asked the European Parliament to approve its conclusion of such an agreement with Canada the immediate parliamentary response was to seek the court of justice opinion whether the envisaged information sharing is consistent with EU fundamental rights it will take some time before we know the answer to that question and this uncertainty could weigh on the revived discussion now taking place in the European Parliament on whether in the wake of the Paris terrorist attacks to create an EU system for sharing passenger record data among member states over the next year the ECJ just goes to show you the ECJ is the center of everything will also be examining the proposition that Facebook's transfer of personal data from Ireland to the United States should not in the light of the Snowden revelations any longer be considered conclusively to fall under the so-called adequacy finding afforded to the US safe harbor framework this is a case that was launched by an Austrian law student in iron this goes to show the trouble that law students can create Mr Maximilian Shrens if the court agrees all of the EU agreements with third states regarding data privacy would be at risk and adequacy finding by the European Commission would have no value if any European data protection authority could reach an independent national verdict last year the court again the court also ruled that a search engine operator this is the Google right to be forgotten case is obliged to remove from the search results initiated by using the data subjects name as a search term any links to pages where information related to the data subject is irrelevant or excessive this also applies to information that happens to be truthful accurate and not prejudicial to that individual the ruling in effect proclaim an individual's right to be forgotten and while the courts ruling only addressed this requirement internet search engines oriented toward persons within the EU European national data protection authorities have quickly added their opinion that Google and its competitors also should honor such European requests worldwide in other words by making deletions from search results generated in the United States regardless of the first amendment to the US Constitution guaranteeing free speech and implicitly the public's right to know some other countries which aim to control the internet are only too happy to see free speech in the public's right to information on the internet circumstrived in this way on the continent the Google Spain judgment was widely hailed as an appropriate step to preserve individual sense of dignity in a brave new internet world where once personal details are all too easily discovered but in some countries particularly in the United States and in this country other concerns have predominated should search engines which have become a fundamental research tool be empowered to prevent public access to information doesn't this have significant adverse implications for the freedom of expression of value that both the United States and European governments staunchly proclaim across the globe and should search engines or government officials be deciding what is relevant for researchers to see they're no easy answers to legal policy challenges presented by the information revolution part of the difficulty stems from markedly different American and European attitudes toward privacy and that's partly what makes this job so fascinating is that here we have to deal with different conceptions on this issue different perspectives according to a recent poll by a scholar post practitioners for example believe that the EU approach to privacy is mostly process only occasionally enforced largely blind to consumer and societal benefits of data flows and hostile to innovative technology their German counterparts believe that US law lacks a full body concept of individual privacy rights that the government genetically defend such rights and that US law is a confusing patchwork of federal and state statutes that are incomplete in their coverage and I suspect that many privacy lawyers from other EU member states would share that German view but it's too facile to say that Americans are from Mars Europeans are from Venus when it comes to privacy protections yes data protection is a fundamental right expressly enshrined in the EU's newly developed charter fundamental rights when the vendor while the venerable US Constitution of 1789 does not mention privacy explicitly but the fourth amendment of the US bill of rights did establish the right of the people quote to be secure in their persons houses papers at effects on reasonable searches and seizures a constitutional provision that is given rise to a rich and ever evolving body of judge made criminal law rules in addition over the years a series of Supreme Court cases have developed the concept of an individual's reasonable expectation of privacy to the point that today it is a widely considered is widely considered implicit US constitutional right now similarly the fair information practice principles that lie the core of both US and European data protection law were first devised in the United States in 1970s and were imported to Europe governmental enforcement of privacy laws in the United States is robust the US Federal Trade Commission has wide authority to sanction consumer fraud and unfair trade practices which it has used to construct an important common law jurisprudence of consumer privacy protections it ensures that companies comply with their announced privacy policies including commitments they have undertaken under the safe harbor framework and additionally some states like California which lead on many issues have legislated privacy requirements for local companies going beyond federal law justice significantly over the long term privacy norms are being increasingly internalized by US companies that hire privacy officers not only to ensure compliance with the law but also to be involved in strategy and risk management and that has been described as privacy on the ground compared to the European approach perhaps we call a privacy on the books. President Obama recognizes the need to adapt consumer privacy protections to the new realities of the information age legislation creating consumer privacy bill of rights is being introduced into the new Congress and announcing his proposal the president observed we pioneered the internet but we also pioneered the bill of rights and a sense that each of us as individuals have a sphere of privacy around us that should not be breached whether by our government or but also by commercial interests. Another area where surely Europe and the United States can find more common ground is privacy enforcement already a measure of practical cooperation exists US Federal Trade Commission for example has relied on Ireland's privacy regulator for information relevant to its proceedings against global technology companies. A global privacy enforcement network of regulators formed under the auspices of the organization for economic cooperation development OECD enables such informal cooperation to deepen. Formal arrangements between the FTC and its privacy enforcement counterparts in EU member states are starting to proliferate and one with the European Commission is again under consideration. Finding durable accommodations between differing privacy law systems matters not only for the confidence of individuals and companies moving information across the Atlantic it is also crucial for the economic health of the Internet and of our respective economies as a whole. Almost all of the growth in US services imports and exports over the past decade has come from internet related services. The United States and the European Union are each other's biggest customers for digital services. Both of us are net exporters of digital services to the rest of the world and we use significant quantities of each other's digital services and producing traditional exports as well. Transatlantic data flows not measured in trade statistics are also themselves important enablers of commerce such as research data and cloud services. The beneficiaries of expanding digital economy not just the American tech companies the tech giants which we hear about so much. Successful European internet startup companies have emerged in substantial numbers building incidentally off the platforms provided by some of those very US companies. According to a 2014 study Europe has produced 30 technology companies worth more than a billion dollars since 2000 comparing well with the United States which produced 39 billion dollar companies between 2000 and 2013. You can think of various cases like Sweden's Spotify or UK's King Digital or Germany's Orlando. To cite just one example the launch of Apple's iTunes app store in 2008 created industry from scratch. That's not only delighted consumers worldwide it's also spawned significant business and job growth including in Europe. According to report prepared for the European Commission EU app developers took in 17.5 billion euros in revenue in 2013 17.5 billion euros. That figure is forecast to increase to 63 billion euros in 2018 and I hate to say this but it's almost heretical. Those figures actually make t-tip look like not the only game in town. These are real numbers the same report predicted that the EU app developer workforce will grow from 1 million to 2.8 million over the same period. Huge benefits also extend well beyond internet related companies to other sectors including financial services marketing retail manufacturing heavy industry and design and engineering. Germany has clearly recognized the economic growth potential of digitalizing traditional industries in the development of its industry 4.0 strategy. Which will apply advances in the internet of things and big data analytics to manufacturing engineering and logistics. The digital revolution also holds great promise for improving the functioning of governments increasing labor productivity and advancing social welfare. I was reading a remarkable study by the McKinsey Global Institute which said that the use of data analytics in the European public sector could save more than 100 billion euros in operational efficiency improvements. Again figures that make t-tip look like not the only game in town. Big data analysis also offers many promising prospects for energy and transportation efficiency health care and life sciences and education among others. Estonia's ambitious e-government and public data framework is a good example. It allows all publicly owned personal data in anonymized form to be put into the public domain for advanced analytics. This led to a boom in new data-driven businesses fostering economic growth and improved public services. Awareness in Brussels of the centrality of digital trade to economic growth and social welfare in Europe has been rapidly increasing. New Commission President Jean-Claude Juncker at his platform is very clear. He's put the creation of a single digital market at the top center of his agenda stating that quote, the internet and digital communications can transform our economies as profoundly as the steam engine did in the 18th century or electricity did in the 19th century. And we think that's true. But we also must face the fact that rapid technological change has generated reaction. More so in Europe than in the United States. Nealey Crose, formerly the European Commissioner in charge of digital agenda, has warned openly about the risks. In an article entitled Europe needs data protection not data protectionism she warned that Europe will not be connected, competitive, open and secure if we run away from data. Data protection law is not the only area where there is risk of protectionism at the EU level. In recent months proposals for a European cloud and for a shengen of data have also proliferated in Brussels and other European capitals. France and Germany have been in the forefront of these efforts tending towards fragmentation of the internet. In 2013 the French government released a national innovation plan with the goal of building a France of digital sovereignty says that call for the advancing the cloud sovereign among other measures. At the same time Deutsche Telecom launched with the support of the Interior Minister email made in Germany that sounds great. A service that routes data exclusively through domestic servers. These measures leading to a balkanisation of the internet or digital autarchy are not what Europe needs. A recent study underwritten by the European Union found that forcing localized data storage or routing would damage a free and open internet would not be effective in protecting against foreign surveillance and lead to an inefficient allocation of resources. In an era of digitally enabled global supply chains, manufacturing and exports are heavily dependent on secure, cost efficient and real time access to data across borders. As Neely Crows argued, quote, keep our data locked up in Europe, engage in an impossible dream of isolation and we lose an opportunity without gaining any security. Information security is not simply a function of where data is physically stored or processed, threats are often domestic, so storing information in only one physical location in fact could increase vulnerability. Now t-tip, which is all over the press. We're negotiating with the EU and we will need to ensure that cross-border data flows and data processing may take place free from discriminatory terms and trade distorting conditions with exceptions limited to legitimate public policy objectives and only in full compliance with the WTO general agreement on trade and services. With cloud computing blurring jurisdictional boundaries, we need to make sure that data protection doesn't become a disguise for data protectionism. Recently ideas for data taxes, heightened scrutiny of internet companies under competition laws and even EU level regulation of internet service providers have garnered attention. Government should take a cautious and a balanced approach to such proposals to minimize the risk of unintended consequences for making data flows more costly. In November, some of you may have seen, the European Parliament recommended that the European Commission break up Google, unbundled Google, it's too big, too big a market share. Now even though it was a non-binding resolution, it was noteworthy for several reasons. First, it politicized a long-running and complex antitrust investigation at a time when the new competition commission had barely gotten her feet under her desk, barely had a time to appoint herself with a file. In addition, it was clearly inspired by joint French and German government recommendations seeking specific regulation of internet platform operators above and beyond existing antitrust laws and treating such platforms as essential facilities, ignoring the distinction between the fast moving digital economy and traditional industries. The resolution, not surprisingly, triggered a strong reaction from the US House and Senate and similar initiatives I fear if they happen, risk undermining support for TTIP in the United States. We believe that questions of market dominance are best dealt with by rigorous competition authorities. Continuing innovation and competitive challenge may in the end offer better guarantee fairness in the marketplace than new prescriptive X anti-regulations that inevitably will lag behind technological advancement. Companies that today enjoy a strong position in the digital marketplace may not be able to sustain their positions as Nimbler competitors continue to introduce disruptive technologies. And we've seen this before. We just look back at so many instances where those who have market power today in a fast moving industry quickly lose their market power tomorrow. Consumers are entitled, of course, to reasonable data protection, including against the potential abuse and misuse of their private data. But as the Lisbon Council study concluded, these guarantees should not be allowed to degenerate into disguised protectionism or the hidden promotion of underperforming national champions. Policy initiatives in Europe appear to be obsessively preoccupied with the success of American companies, rather than focusing on laying the groundwork for future success of European innovation. Now, it's rather interesting. I often hear the criticisms of Google, of Facebook, of Apple. And in the same breath, some of these critics say, I wish we had a Google, Facebook or Apple. I said, wait a minute, if they're so bad, why does Europe want to create exactly the same model? You should be focusing on the industries of the future rather than looking in the back in the rear view mirror. Too often in Europe, we see policy initiatives grounded in the false assumptions that all data driven businesses are violating consumer rights or abusing their data. As the European digital form is argued, overreaction to data privacy concerns could lead to policy initiatives that prevent data analytics businesses from flourishing in Europe, a mistake, we believe, of historic proportions. Efforts to protect European consumers against successful US digital businesses could damage European startup entrepreneurship. This, in turn, could make Europe, as the study argued, could make Europe into a permanent no-go zone for data driven businesses of all types, and further harm Europe's economic growth prospects. Two decades ago, the United States Telecommunications Regulator, the Federal Communications Commission led by my predecessor, Bill Conard, who is also US Ambassador to the EU, made a ffarsighted decision not to regulate internet service providers in the same intrusive way as telephone companies. Had the FCC decided differently, we would not have seen very likely the same scale and scope of innovation and value creation in this industry. It is indeed an uncertain and evolving digital policy and legal landscape that the United States confronts in Europe. But just as we in the EU have advanced our foreign policy goals through coordinating sanctions policies, I'm confident that we will find a way forward together on the digital challenges. European Commission Vice President Andrews Ansep, who's anestonian, very relevant I think, has said that his aim is, quote, to make sure that Europe, its citizens and businesses, get the best of the online world in the safest and most open environment possible. That means openness and opportunity, not obstacles. We share that vision and we look forward to collaborating in its implementation. That concludes my comments. I look forward to your questions and for our debate. Thanks very much.