Ireland’s data protection commissioner suggests that data transfers between the US and European Union fail to sufficiently protect citizens’ right to privacy.
Concerns have been raised over whether such transfers could be subject to mass surveillance by US intelligence agencies. However, the social media giant has emphasised that data protection safeguards were, and still remain, in place.
The ruling against Facebook could potentially undermine the basis on which many businesses send data across the Atlantic – and could deal a hammer blow to other technology heavyweights.
Currently, Facebook transfers vast amounts of personal data about EU users to servers in the US, which spans everything from people’s names to information about their online activity.
In 2013, documents published by ex-CIA contractor Edward Snowden suggested Facebook was a target of “Prism”, a US National Security Agency’s mass surveillance programme. Consequently, privacy activist Max Schrems successfully challenged the previous mechanism for EU-US data transfers, Safe Harbour, in court.
The alternative legal framework Facebook has used since is called “standard contractual clauses” (SCCs). However, the Irish data protection commissioner has emphasised that SCCs are not fit for purpose given the possibility of intelligence agency surveillance.
Legal Expert Orla Lynskey, at the London School of Economics, explained that if the Court of Justice of the European Union (CJEU) decide that SCCs are inadequate, the ruling would have huge implications for Facebook and other businesses.
- Digital Bank Fidor to Close its Doors in the UK Amid Uncertainties
- New Computer Chip Operations Could Significantly Speed Up Data Operations
- Facial Recognition in China Praised by Metropolitan Police Federation
“That would have a very significant impact for companies,” she said. “The big question is, when assessing whether or not data can go to third countries [outside the EU], should we be taking into consideration potential access by intelligence or law enforcement agencies?”
Associate general counsel for Facebook, Jack Gilbert, said the social network was “grateful” for the consideration of the CJEU.
He stated: “Standard contractual clauses provide important safeguards to ensure that Europeans’ data are protected once transferred overseas. SCCs have been designed and endorsed by the European Commission and enable thousands of Europeans to do business worldwide.”