Irish privacy watchdog DPC is allowed to continue investigating Facebook data exchange between Europe and the US. The watchdog wants to stop these data transfers because the standard contractual clause under which data protection is regulated will not be sufficient.
Ireland’s data protection committee ruled in 2020 that Facebook should stop transferring European user data to servers in the US after To an illegal advertisement From the Privacy Shield Agreement. It would not provide adequate protection against disproportionate surveillance by the US authorities.
After that judgment is only so-called Standard contractual terms Around; The legality of such a clause varies from case to case and depends on whether there are effective mechanisms in place to ensure compliance with the level of data protection desired by the European Union. Irish Privacy Watch I do not think so. The social networking site Facebook resume Against the order, which led to the proceedings to be postponed until now.
After the Irish Supreme Court ruling, the Data Protection Commission can resume its work. The oversight body must complete its investigation and the resulting suspension order, the latter must also be approved by other EU privacy protectors. This could take months and during that time Facebook still has an option to challenge the action even further. He writes among other things The Wall Street Journal.
If Facebook’s standard contractual clause is already declared invalid, the company will no longer be permitted to store European user data on US soil. This means it must return data to Europe or suspend services to Europeans. A new legal framework for exchanging data between the two continents would be a solution to that, but this is not available now.
Much depends on the measure, as it could set a precedent that would have massive impacts on the myriad of companies sharing data between the two continents. Facebook is dealing with Ireland’s data protector because the company has set up its headquarters in that country.