Ireland asks Europe’s top court to rule on EU-U.S. data transfers
• Ireland’s High Court on Tuesday said it would ask the EU’s top court to decide whether to ban the way in which internet firms such as Facebook transfer users’ data to the United States in a case with major implications for companies.
The case is the latest to question whether methods used by large tech firms such as Google and Apple to transfer data outside the 28-nation European Union give EU consumers sufficient protection from U.S. surveillance.
Data privacy is under the spotlight after revelations in 2013 by former U. S. intelligence contractor Edward Snowden of mass U. S. surveillance caused political outrage in Europe.
Irish High Court Judge Caroline Costello said she had decided to ask the European Court of Justice ( ECJ) for a preliminary ruling.
“European Union l aw guarantees a high level of protection to EU citizens ... they are entitled to an equivalent high level of protection when their data is transferred outside of the European Economic Area,” she said.
The Irish Data Protection Commissioner’s office initially became involved after Austrian law student and privacy activist Max Schrems made a complaint in Dublin about Facebook’s handling of his data in the United States.
The judge said the Irish Data Protection Commissioner “has raised wellfounded concerns that there is an absence of an effective remedy in U. S. law compatible with the requirements of Article 47 of the Charter ( of Fundamental Rights).”
She said that a newly created U. S. ombudsperson dealing with Europeans’ complaints about U. S. surveillance did not eliminate those concerns.
Costello also said she was not delivering any value judgment on the data protection laws in the EU or U.S.
A Facebook spokeswoman said it was essential the EU court “considers the extensive evidence demonstrating the robust protections in place under Standard Contractual Clauses (SCCs) and U. S. law, before it makes any decision that may endanger the transfer of data across the Atlantic and around the globe.”
The company has previously said the case could lead to a breakdown in transatlantic data transfers that could knock EU economic output by up to 1.3 per cent.
A ruling by the ECJ against the common legal arrangements used by thousands of firms to transfer personal data outside the EU could cause major headaches for companies. Millions of these transfers happen every day and include credit card transactions, hotel bookings or moving employee data between countries.
Schrems said he hoped the ECJ would force the EU and the U. S. to finally deal with the gap between what he said were stricter privacy rules enjoyed by Facebook users in Europe compared to those that apply to its servers in California.
“I hope we will get a decision that ends this ping-pong and stops kicking the can down the road,” he said.
Schrems also said he did not expect the legal arrangements — the standard contractual clauses — to be banned by the EU court.
The Business Software Alliance lobby group, which represents the global software industry, said it hoped the ECJ would focus on how specific SCCs are used rather than whether or not they should be allowed at all, as clauses can be adapted to provide more protections.
Law firm Linklaters said it believed the ECJ was unlikely to halt the data transfers but that its ruling could lead to safeguards that could add to costs. “This decision will be closely watched by many businesses as it could have significant implications for their ability to transfer personal data internationally,” Richard Cumbley of Linklaters’ technology group, said.
I HOPE WE WILL GET A DECISION THAT ENDS THIS PING-PONG.