Facebook could be forced to rethink its legal position regarding transfers of data of EU citizens to the US, as the CJEU considers the validity of standard contractual clauses that many businesses rely on.
Austrian lawyer and privacy activist Max Schrems is calling for the Irish data protection authority to finally take action to enforce European data protection rules on Facebook.
The call comes as the Court of Justice of the European Union (CJEU) hears a case on EU-US data transfers and mass surveillance by the US government.
The case centres around a complaint by Schrems against Facebook in 2013 as a result of revelations by whistleblower Edward Snowden’s disclosure that Facebook allows the US intelligence services access to personal data of Europeans under surveillance programmes such as Prism.
Commenting on the case, Adam Rose, data protection partner at legal firm Mishcon de Reya, said Schrems previously convinced the CJEU to agree with his argument that the bilateral agreement between the EU and the US, under the title of the Safe Harbor scheme, did not give Europeans sufficient protection for their personal data if it was sent to the US, and as a result the EU and the US agreed a new deal, known as the Privacy Shield.
“The model clauses, which Mr Schrems is now challenging, presumably face the same limitations and loopholes as the Safe Harbor scheme did, and one would expect that the European Court will again agree with him,” said Rose.
“If that happens, it blows a massive hole through the system set up some years ago to enable the smooth transfer of personal data from the EU to the US.”
Read the full article in Computer Weekly here.
Adam Rose also featured on BBC World News 'Talking Business with Aaron Heslehurst' commenting on this case.