Site   Web

October 6, 2015

High Court Rules European-U.S. Data Sharing Illegal

Judgment Has Major Ramifications for Facebook

Flickr photo by Maria Elena

A ruling by Europe’s highest court makes illegal a deal between the European Union and the United States that permits the transfer of personal data.

Known as Safe Harbor, the arrangement was created to bridge the differences between the two continents’ approaches to privacy and provide a streamlined means for U.S. organizations to comply with European data protection laws.

Today’s ruling by the European Court of Justice, however, is bad news for U.S. tech companies like Facebook that rely on the agreement for the transfer of data about European users back to the U.S.

The court has told the supervisory authority in Ireland ­— the country where Facebook has its European headquarters — to investigate the social media firm’s activities.

Upon completing the investigation, the Irish regulator must decide if the transfer of the data of Facebook’s European subscribers to the United States “should be suspended on the ground that that country does not afford an adequate level of protection of personal data.”

Austrian law student Max Schrems, who first challenged Safe Harbor back in 2012 by launching a class action against Facebook, said he was pleased with the court’s judgment because it “draws a clear line.”

“This decision is a major blow for US global surveillance that heavily relies on private partners,” Schrems said in a statement. “The judgement makes it clear that US businesses cannot simply aid U.S. espionage efforts in violation of European fundamental rights. At the same time this case law will be a milestone for constitutional challenges against similar surveillance conducted by EU member states.”

Facebook has repeatedly refuted accusations of privacy violations, saying not only does its update privacy policy comply with all relevant laws, but that it does not share user data with law enforcement unless legally compelled to do so. The company has also said its “technology protects people from spam, malware, and other attacks, that our practices are consistent with EU law.”

Facebook has maintained that because its European headquarters are located in Dublin, its practices are subject only to Irish laws.


Jennifer Cowan is the Managing Editor for SiteProNews.