c.2013 New York Times News Service

c.2013 New York Times News Service

LONDON — The European Commission demanded on Wednesday that the American authorities take greater care in protecting European citizens’ personal data. But it did not take steps to change the rules that allow American companies like Google and Microsoft to compile that data.

The statement by the commission came against a running debate between European and American officials over online data protection, a discussion that has become increasingly tense after a series of revelations by Edward J. Snowden, the former National Security Agency contractor, about electronic surveillance by the United States in Europe.

“Massive spying on our citizens, companies and leaders is unacceptable,” Viviane Reding, the European justice commissioner, said in a statement Wednesday. “There is now a window of opportunity to rebuild trust, which we expect our American partners to use.”

A so-called safe harbor agreement between Europe and the United States, in place since 2000, enables American technology companies to compile data generated by their European clients in their web searches and other online activities.

The companies can use the data for business and marketing purposes in the United States, even though Europe’s rules governing online data privacy tend to be more stringent than American rules.

Under the agreement, more than 3,000 European and American companies are expected to treat the information with the same privacy protections as if it had remained within the European Union.

European politicians, however, have raised concerns that the current arrangement allows the U.S. government access to data without the express permission of European citizens. And they note that American companies have acknowledged providing information gathered in Europe to U.S. law enforcement agencies.

Representatives of Google and Microsoft in Europe were not immediately available for comment.

The statement by Reding came after a five-month review of the agreement. Policymakers at the commission and the European Parliament are completing a draft regulation that could fine companies up to 100 million euros, roughly $136 million, or 5 percent of a company’s global annual revenue, whichever is higher, if they fail to protect consumers’ personal data.

Last month, several members of the European Parliament proposed measures that would require big American online companies to gain approval from European officials before complying with U.S. warrants seeking citizens’ data.

In its statement Wednesday, the European Commission asked U.S. regulators to increase transparency over how European citizens’ data was used by American companies.

European policymakers also want individuals not residing in the United States to be given access to a judicial review process if they believe their data has been used without the correct permission, and to limit the amount of data to which the U.S. government has access.

U.S. authorities say they have clamped down on several companies, including Google and Facebook, that have inappropriately used consumers’ data. They also say that the current safe harbor pact remains an effective way of protecting online data for both American and European consumers.