Agreements that let Facebook and different companies send European citizens’ data to the U.S., and different nations are valid, a principal EU courtroom adviser said Thursday, though he left room for such transfers to be halted if European data protection requirements will not be met in nations receiving the information.
The case is predicated on a challenge by Austrian privacy activist Max Schrems, who argued that Facebook’s agreements don’t protect information to European levels, particularly given concerns about activities by U.S. spy agencies.
Schrems had further called on Ireland, where Facebook has its European headquarters, to act towards the firm as it’s subjected to U.S. surveillance laws, which he believes could threaten Europeans’ rights.
Schrems efficiently fought against the EU’s earlier ‘Safe Harbour’ privacy guidelines in 2015.
Henrik Saugmandsgaard Øe, advocate general at the Court of Justice of the European Union, mentioned the contracts utilized by many firms along with Facebook to underpin actions resembling outsourced services, cloud infrastructure, data hosting and finance are legal.
The court docket, which follows such recommendations in four out of five cases, will rule in the coming months.
Nevertheless, he added privacy regulators should block such data switch when laws of the international locations receiving the data, such as the U.S. battle with the data safety requirements of the contracts, known as customary contractual phrases.
The opinion calls into question the adequacy of U.S. data protections, stated Caitlin Fennessy, research director at the International Association of Privacy Personnel.
The court ought to follow the adviser’s opinion on the clauses, stated Patrick Van Eecke, global chairperson of law agency DLA Piper’s data protection practice.