Facebook privacy campaign
A privacy campaigner has scored a legal victory that could bolster his attempts to prevent Facebook from being able to pass EU citizens’ data to the US authorities
An opinion issued by the European Court of Justice says that current data-sharing rules between the 28-nation bloc and the US are “invalid”.The decision could affect other tech firms’ abilities to send Europeans’ information to US data centres.
However, it is not a final judgement.Although the EU’s highest court tends to follow the opinions of its legal adviser, the 15 judges involved have yet to issue a conclusive ruling of their own on the matter.
Even so, Max Schrems – the activist who prompted the case – suggests there could be far-reaching consequences.
Safe harbour
The origins of Mr Schrems’ dispute with Facebook can be traced back to whistleblower Edward Snowden’s leaks about US cyberspies’ activities.In 2013, Snowden released details about a surveillance scheme operated by the NSA called Prism, which provided officials with ways to scrutinise data held by US tech firms about Europeans and other foreign citizens.
Mr Schrems alleged that, in light of the revelations, EU citizens had no protection against US surveillance efforts once their data had been transferred.He targeted Facebook in particular because of the wide range of data it gathered and the number of people using it.
What is Safe Harbour?
The EU forbids the transfer of personal data to other parts of the world that do not provide “adequate” privacy protections.But to make it easier for the US tech giants to function, it allows them to self-certify that they are carrying out the required steps, allowing the firms to avoid further checks.
More than 4,000 US companies make use of the Safe Harbour principle to facilitate data transfers.Mr Schrems claims this gives them an unfair advantage over other firms that must “stick to much stricter” privacy rules.
Privacy opinion
As a result, if there was evidence of “systemic deficiencies” in the way the US was treating that data, he added, then “member states must be able to take the measures necessary to safeguard the fundamental rights protected by the Charter of Fundamental Rights of the EU, which include the right to respect for private and family life and the right to the protection of personal data”.
“This finding, if confirmed by the court, would be a major step in limiting the legal options for US authorities to conduct mass surveillance on data held by EU companies, including EU subsidiaries of US companies,” commented Mr Schrems.
Facebook publishes a limited amount of information about data handovers to the US authorities, but denies suggestions it freely shares access.
Read more at BBC
Read more about facebook