Following the revelations of the US National Security Agency (NSA) and the UK`s GCHQ (General Communications Headquarters), agreements on the transfer of personal data from the EU to the US have been put to the test. Serious doubts have been raised about the relevance of the (previous) agreements, including the European Commission`s adequacy decision on the Safe Harbour, PNR agreements between the EU and the US, etc. – including agreements (including mutual legal aid contracts, MLATs) relating to data transfer by law enforcement agencies (LEA) in EU Member States and by EU judicial and police cooperation authorities, such as Europol or Eurodac, to DIE LEA in the US. One of the results of this review was the opening of a dialogue between the EU and the United States with a view to adopting a new agreement on these latest types of data exchange. This new agreement was intended to cover the entire exchange of LEA data under one of the specific agreements: it would be an “umbrella agreement” which would not itself provide a new legal basis for such data exchange, but that would place the exchange between existing (and future) data transfer agreements in a new set of cross-cutting rules and principles, including new remedies for persons protected by EU law (including the Charter). 36.La European Commission states that the PCJ Directive “will ensure that data relating to victims, witnesses and suspects of criminal offences are properly protected in the context of criminal investigation or law enforcement action.” It assumes that “more harmonised laws will also facilitate cross-border cooperation between police and prosecutors in order to more effectively combat crime and terrorism across Europe.” 44 Personal data is dangerous, particularly when it is dealt with in a context – that is, repressive and anti-terrorist/national measures – where it can, by its very nature, serve as the basis for measures that have a serious impact on the rights and freedoms of the persons concerned. Apparently incriminating but factually incorrect information, or illegitimate assessments of individuals – z.B. as “suspicious” or “high risk” on an anti-terrorism list – can lead to repressive measures on the part of LEAs (and NSOs), if they have executive and coercive powers, as in the United States, and if the data can be shared with them, as is often the case in the EU and the United States), from incorrect registration on a non-theft list to wrongful arrests, arrests and interrogations, to prison sentences, or worse. 59.The framework agreement does not itself authorize the transfer of personal data to the United States. On the contrary, general data protection principles and standards should apply to data transfer agreements between the United States and the EU or between the United States and the United States for law enforcement purposes. The agreement therefore complements existing agreements to the extent that they do not have the necessary data protection safeguards. It applies, for example, to data transfers under existing agreements, such as the EU-US Legal Assistance Treaty, and to existing agreements providing for the transfer of personal data by private entities for law enforcement purposes. B such as the EU-US agreement on passenger records and the terrorism financing monitoring programme.