View all newsletters
Receive our newsletter – data, insights and analysis delivered to you
  1. Policy
July 9, 2019

EU – US Data Sharing Row Hits Europe’s Highest Court

"We are proposing a measured solution..."

By CBR Staff Writer

Privacy lawyer and activist Max Schrems wants the Privacy Shield data sharing agreement between the EU and the US struck down. Today Europe’s highest court will hear his argument.

The case has its roots in a complaint made by Schrems against Facebook in 2013. The complaint specifically seeks to stop EU-US data transfers by Facebook Ireland Ltd., and was triggered by the Edward Snowden revelations that Facebook allows the US intelligence services to access the personal data of Europeans under surveillance programs like “PRISM”.

https://twitter.com/maxschrems/status/1148226219781054465

Schrems’ team argues that “Standard Contractual Clauses” (SCCs), the data sharing mechanism used by Facebook to make the transfers, if applied correctly, can be used to stop Facebook transferring EU data to the US.

(The Irish Data Protection Commissioner, meanwhile, takes the view that the SCCs themselves are invalid.)

Schrems holds that the European Commission’s assessment of US privacy laws being robust enough – a decision that shores up the ongoing use of Privacy Shield – “does not adequately describe US surveillance laws, is not even remotely capable of providing adequate privacy protections,and [Privacy Shield] must therefore be invalidated.”

Schrems said in a statement this week: “We are proposing a measured solution: The Irish DPC [Data Protection Commissioner] must simply enforce the rules properly, instead of kicking the case back to Luxembourg over and over. This case has been pending for six years. Over these six years,the DPC has actually decided in a mere 2-3 percent of the cases that were brought before it. We don’t have a problem with ‘Standard Contractual Clauses’, we have a problem with enforcement.”

Content from our partners
Incumbent banks must transform at speed, or miss the benefits of open banking
Leverage cloud and expertise to optimise engagements from onboarding to conclusion
How enterprises can best prepare for finance digitalisation

See also: UPDATED: Irish High Court Warns of “Potentially Grave Prejudice” in Landmark Facebook Ruling

As Peter Church, counsel at law firm Linklaters‘ technology practice put it in a guest post for Computer Business Review last week: ” The Irish High Court conducted a detailed review of the various surveillance powers available under FISA, the USA-PATRIOT Act and under Executive Order 12333 to assess this question. It also explored the many layers of review and oversight for these powers through the FISA Court, Presidential Policy Directive 28, private litigation and the new Privacy Shield Ombudsman.

“While the US authorities’ powers are subject to various checks and balances, the Irish High Court decided those safeguards were not sufficient. The chief criticism was that EU citizens do not have an adequate remedy if their data is misused. This breaches the right to remedy under Article 47 of the EU Charter of Fundamental Rights. The dispute raises significant issues under EU law, so the Irish High Court referred a number of questions to the European Court of Justice.”

A ruling is expected later this year and is likely to be appealed again. Facebook has been contacted for comment.

 

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU