October 20, 2015 / 10:20 AM / 4 years ago

Irish court orders investigation of Facebook data transfers to U.S

DUBLIN (Reuters) - Ireland’s High Court on Tuesday ordered an investigation into Facebook’s transfer of European Union users’ data to the United States to make sure personal privacy was properly protected from U.S. government surveillance.

A 3D-printed Facebook logo is seen in front of the logo of the European Union in this picture illustration made in Zenica, Bosnia and Herzegovina on May 15, 2015. REUTERS/Dado Ruvic/Files

The court told the Irish Data Protection Commissioner to launch a probe following a landmark ruling by the European Court of Justice (ECJ) two weeks ago which struck down the Safe Harbour agreement that had allowed the free transfer of data between the European Union and the United States.

Both the ECJ decision and Tuesday’s ruling were the result of a challenge by Austrian law student Max Schrems, lodged after revelations in 2013 of the U.S. government’s Prism programme, which allowed authorities to harvest private information directly from big tech firms such as Facebook and Google.

The initial challenge was made in Ireland because Facebook has its European headquarters in Dublin and is regulated by the Irish Data Protection Commissioner. Tuesday’s ruling overturns the commissioner’s initial refusal to investigate on the grounds that it did not have jurisdiction over Safe Harbour.

The data commissioner’s office said in a statement it would now “proceed to investigate the substance of the complaint with all due diligence.”

Facebook said in a statement it had never been part of a programme to give the U.S. government direct access to its servers and said it would respond to enquiries by the Irish Data Protection Commissioner.

The ECJ ruling has thousands of U.S. and European companies mired in legal uncertainty over the transfer of personal data from Europe to the United States. That includes payroll and human resources information as well as data used for online advertising, which is of particular importance to tech firms.

Under EU data protection law, companies cannot transfer EU citizens’ personal data to countries outside the bloc deemed to have insufficient privacy safeguards.

A lawyer for Facebook had asked to voice the company’s opinion in the Irish case, but withdrew that request when the judge said any ruling would not go into detail as to how the regulator should conduct its investigation.

Schrems, who live-tweeted the ruling from the Irish court room, told journalists he expected the EU would have difficulty reaching consensus on a new framework due to disagreements between countries who want different levels of safeguards.

“In the end you will have to have a solution because it’s not possible that within a European market you have different approaches,” he said.

Editing by Padraic Halpin, Pravin Char and Mark Potter

0 : 0
  • narrow-browser-and-phone
  • medium-browser-and-portrait-tablet
  • landscape-tablet
  • medium-wide-browser
  • wide-browser-and-larger
  • medium-browser-and-landscape-tablet
  • medium-wide-browser-and-larger
  • above-phone
  • portrait-tablet-and-above
  • above-portrait-tablet
  • landscape-tablet-and-above
  • landscape-tablet-and-medium-wide-browser
  • portrait-tablet-and-below
  • landscape-tablet-and-below