Facebook may have to stop moving EU user data to US

London, September 10

Facebook could also be compelled to cease sending knowledge about its European customers to the US, within the first main fallout from a current court docket ruling that discovered some trans-Atlantic knowledge transfers do not defend customers from American authorities snooping.

The social community mentioned on Wednesday that Ireland’s Data Protection Commission had began an inquiry into how Facebook shifts knowledge from the European Union to the United States.

The information was first reported by the Wall Street Journal, which mentioned Ireland’s knowledge fee gave Facebook till mid-September to reply to a preliminary order to droop the transfers.

The consequence may very well be that the US tech large, which has knowledge facilities world wide, is compelled to undertake a expensive and complicated revamp of its operations to make sure that European person knowledge is saved out of the US,

“A scarcity of protected, safe and authorized worldwide knowledge transfers would injury the financial system and hamper the expansion of data-driven companies within the EU, simply as we search a restoration from COVID-19,” Facebook’s vice-president of worldwide affairs and communications, Nick Clegg, wrote in a weblog submit.

The Irish knowledge fee steered {that a} kind of authorized mechanism governing the information transfers, generally known as customary contractual clauses, “cannot in practice be used for EU-US data transfers”, mentioned Clegg.

The fee, which didn’t reply to a request for remark, is Facebook’s lead privateness regulator in Europe and may effective firms as much as four per cent of annual income for knowledge breaches.

It’s the primary main transfer by a European regulator after the EU’s prime court docket issued a ruling in July on the 2 kinds of authorized mechanisms used to control knowledge transfers.

The European Court of Justice invalidated an settlement generally known as Privacy Shield and determined that the usual authorized clauses have been nonetheless OK. But in instances the place there are issues about knowledge privateness, EU regulators ought to vet, and if wanted block, the switch of information.

It’s the most recent growth in a case that originated greater than seven years in the past, when Max Schrems, an Austrian privateness activist, filed a criticism in regards to the dealing with of his Facebook knowledge after former US National Security Agency contractor Edward Snowden revealed the American authorities was eavesdropping on folks’s on-line knowledge and communications. The revelations included element on how Facebook gave US safety businesses entry to the private knowledge of Europeans.

Though the case particularly targets Facebook, it might have far-reaching implications for different tech giants’ operations in Europe. In Facebook’s case, for instance, messages between Europeans must keep in Europe, which may be difficult and require the platform to be cut up up, Schrems has mentioned. AP