* Irish judge asks ECJ to probe Safe Harbour deal
* Asks if it is compatible with EU rights charter
* Referral follows case on Facebook data
(Adds comment by student group, lawyer)
By Sarah O'Connor
DUBLIN, June 18 Ireland's High Court on
Wednesday asked the European Court of Justice (ECJ) to review a
European Union-U.S. data protection agreement in light of
allegations that Facebook shared data from EU users with
the U.S. National Security Agency.
It asked the European Court to clarify whether a Safe
Harbour deal, which allows the transfer of data from EU
consumers to the United States, was compatible with the EU
Charter of Fundamental Rights.
The judge was ruling on a request by Austrian student group
europe-v-facebook for an investigation into allegations that
companies including Apple and Facebook help the U.S.
National Security Agency (NSA) harvest email and other private
data from European citizens.
The group appealed to the High Court after the Irish data
watchdog - the effective supervisor of the EU activities of some
of the biggest U.S. Internet companies which have their European
headquarters in Ireland - had said in July there were no grounds
for such an investigation.
High Court Justice Gerard Hogan said that given the Safe
Harbour agreement, which says that U.S. has sufficient data
safeguards in place, the Irish regulator did not have the
authority to investigate.
If Safe Harbour stands, the student group's application must
fail, he said. "The critical issue which arises is whether the
proper interpretation of the 1995 [EU data protection] directive
and the 2000 Commission decision [on the Safe Harbour
principles] should be re-evaluated in the light of the
subsequent entry into force of article 8 of the EU charter," on
the right to the protection of personal data, Hogan said.
The Safe Harbour agreement allows U.S. companies like
Facebook, Google, and Microsoft to gather
customer information in Europe and send it to the United States,
beyond the EU's legal jurisdiction, as long as certain criteria
The strength of the agreement was called into question by
the revelation by U.S. intelligence contractor Edward Snowden
last year that the NSA used major Web companies, including Apple
, Google, Facebook and Microsoft, to gather user data as
part of a mass electronic surveillance programme known as Prism.
"The whole Prism, NSA spying thing is thereby in front of
the highest court in Europe, which is going to be very
interesting," Max Schrems, founder of europe-v-facebook, the
Austrian lobby group which brought the case, said.
"Any ruling will apply to any other U.S. companies that have
participated in PRISM," he said, adding that he thought there
was a "very good chance" of having Safe Harbour overturned.
EU countries are negotiating a new data protection law which
would oblige companies like Google or Facebook to seek consent
before using personal information, and would impose stiff fines
if they break the rules.
"If Safe Harbour were to come falling down, that would
create an immediate issue for the thousands of multinationals
who have self-certified with that system," Rob Corbet, head of
technology and innovation at Arthur Cox law firm in Dublin,
"However, nobody wants that uncertainty so I think the more
likely outcome is that the U.S. and Europe will get their act
together and reach a political outcome on data transfers prior
to any final ECJ ruling."
A referral from a Spanish court led the European Court last
month to rule that internet companies can be made to remove
irrelevant or excessive personal information from search engine
results in a case that pitted privacy campaigners against Google
(Writing by Conor Humphries; Additional reporting by Padraic
Halpin; Editing by Elaine Hardcastle and Jane Merriman)