Key EU data transfer tools in focus in Facebook, Schrems clash

The latest clash between Facebook and Austrian privacy activist Max Schrems could disrupt hundreds of thousands of companies as Europe’s top court rules on Thursday on the legality of tools companies use to transfer Europeans’ data around the world.

FILE PHOTO: A 3D-printed Facebook logo is seen placed on a keyboard in this illustration taken March 25, 2020.

LUXEMBOURG: The latest clash between Facebook and Austrian privacy activist Max Schrems could disrupt hundreds of thousands of companies as Europe’s top court rules on Thursday on the legality of tools companies use to transfer Europeans’ data around the world.

At stake are standard contractual clauses used by Facebook, banks, industrial giants, carmakers and others to transfer personal data to the United States and other parts of the world for services ranging from cloud infrastructure, data hosting, payroll and finance to marketing.

Another key issue is whether the EU-U.S. Privacy Shield, set up in 2016 to protect Europeans’ personal data transferred across the Atlantic for commercial use, is lawful or not. The same court rejected its predecessor known as Safe Harbour.

If the court finds the mechanisms are illegal, companies could have to suspend the data transfers that underpin standard contractual clauses or face hefty fines for breach of EU privacy laws. Other options are costly and complex and seldom used.

The latest case – C-311/18 Facebook Ireland and Schrems – came before the Luxembourg-based Court of Justice of the European Union (CJEU) after Schrems challenged Facebook’s use of standard clauses as lacking sufficient data protection safeguards.

Schrems shot to fame for winning a legal battle in 2015 to overturn Safe Harbour. EU concerns about data transfers mounted after former U.S. intelligence contractor Edward Snowden’s revelations in 2013 of mass U.S. surveillance.

The Irish Data Protection agency, which is Facebook’s lead regulator, took the case to the Irish High Court, which then sought guidance from the CJEU.

Last December a CJEU adviser said such data transfer mechanisms were legal with the caveat that they could be blocked if countries receiving such information fail to meet European data protection standards.

In the EU, the General Data Protection Regulation (GDPR), introduced in 2018, seeks to increase individuals’ control over their personal information. Companies that fail to comply are liable to fines of up to 4per cent of global annual turnover.

Z24 News

Leave a Reply

Your email address will not be published.

Next Post

US judge confirms Berkshire Hathaway unit's 643 million euro award against German pipemaker

Wed Jul 15 , 2020
A U.S. judge on Wednesday confirmed a 643 million euro (US$734 million) award in favor of a unit of Warren Buffett’s Berkshire Hathaway Inc that claimed it was fraudulently induced to buy a German pipemaker that had inflated sales to look profitable. NEW YORK: A U.S. judge on Wednesday confirmed […]

Share

Social menu is not set. You need to create menu and assign it to Social Menu on Menu Settings.