| Advertisement |
July 9 (UPI) -- The European Union's top court will hear arguments Tuesday in a landmark case that boils down to whether U.S. tech companies, encouraged by the U.S. government, can continue to skirt users' privacy in the European Union. Specifically, the European Court of Justice will examine the legality of the methods Facebook uses to transfer data from the EU to the United States, but the case has far-reaching implications for similar companies going forward.
Advertisement
The court's Grand Chamber in Luxembourg will seek to decide Tuesday whether the legal framework used by companies like Facebook to transfer personal data from the EU to the United States and other countries -- known as "standard contractual clauses," or SCCs -- violate European privacy laws. They allow companies to freely transfer data, including social media posts.
The roots of the case go back to 2013, when whistle-blower Edward Snowden revealed that the United States -- including the National Security Agency -- was forcing tech companies like Facebook to turn over private data of EU users to American spies.
The top EU court will weigh whether SCCs adequately protect Europeans' data once it's transferred to other countries. In the end, it will decide whether the transatlantic data flow can continue if U.S. companies can't guarantee privacy for EU users.
Austrian privacy attorney Max Schrems originally brought the case against Facebook with the Irish Data Protection Commissioner after Snowden's revelation six years ago. After Schrems adapted the case to focus on SCCs, the Irish commissioner's office filed a lawsuit in Irish High Court in 2016 and it ultimately landed in the European Court of Justice.
Schrems won a landmark legal battle in 2015 that said EU "Safe Harbor" laws -- which allowed transfers of EU users' data -- violated European privacy rights. He is now taking on its replacement pact, the EU-U.S. Privacy Shield Framework.
Facebook -- already taken to task on other privacy matters, including the British Cambridge Analytica scandal -- says its open use of European data is legal under the new agreement.
The Irish privacy office agrees U.S. surveillance laws violate the fundamental rights to privacy, data protection and redress granted under European law.
"We are proposing a measured solution: The Irish DPC must simply enforce the rules properly, instead of kicking the case back to" the European Court of Justice, Schrems said. "This case has been pending for six years. Over these six years, the DPC has actually decided in a mere 2-3 percent of the cases that were brought before it. We don't have a problem with 'Standard Contractual Clauses,' we have a problem with enforcement."
The Irish DPC states it has no authority to prevent the violations without invalidating SCCs. Schrems maintains SCCs allow the entity to prevent individual data transfers like Facebook's.
Data transfers are worth untold billions, experts say, making the court's ruling one with far-reaching effects.
The court is expected to issue its decision by the end of the year.
