- Title: EU court strikes down EU-U.S. data transfer tool in Facebook case
- Date: 16th July 2020
- Summary: NEW YORK, NEW YORK, UNITED STATES (FILE) (REUTERS) VARIOUS OF FACEBOOK WEBSITE ON LAPTOP (MUTE) FACEBOOK WEBSITE ON LAPTOP
- Embargoed: 30th July 2020 10:12
- Keywords: Court of Justice of the European Union EU-US Data Protection Shield Facebook Max Schrems data privacy data transfer
- Location: LUXEMBOURG, LUXEMBOURG / NEW YORK, NEW YORK, UNITED STATES
- City: LUXEMBOURG, LUXEMBOURG / NEW YORK, NEW YORK, UNITED STATES
- Country: Luxembourg
- Topics: Crime/Law/Justice,Judicial Process/Court Cases/Court Decisions
- Reuters ID: LVA001CN27QKN
- Aspect Ratio: 16:9
- Story Text: EDITORS PLEASE NOTE: EDIT 4143-FACEBOOK-PRIVACY/EU-FILE CONTAINS MORE FILE OF FACEBOOK AND EDIT 4074-FACEBOOK-PRIVACY/EU-SCHREMS IS AN INTERVIEW WITH AUSTRIAN PRIVACY ACTIVIST MAX SCHREMS REACTING TO COURT RULING
Europe's top court on Thursday (July 16) rejected the validity of a mechanism used by thousands of companies to send data to the United States, backing concerns about U.S. surveillance raised by privacy activist Max Schrems in his clash with Facebook.
The EU-U.S. Privacy Shield was set up in 2016 to protect the personal data of Europeans when it is transferred across the Atlantic for commercial use. The same court also rejected its predecessor, known as Safe Harbour, in 2015.
However, judges upheld the validity of another data transfer mechanism known as standard contractual clauses but stressed that privacy watchdogs must suspend or prohibit transfers outside the EU if the protection of the data cannot be ensured.
Hundreds of thousands of companies including Facebook, industrial giants and carmakers use these clauses to transfer Europeans' data around the world for services ranging from cloud infrastructure, data hosting, payroll and finance to marketing.
The case - C-311/18 Facebook Ireland and Schrems - went to the Court of Justice of the European Union (CJEU) in Luxembourg after Schrems challenged Facebook's use of the standard clauses, saying they lacked sufficient data protection safeguards.
Schrems shot to fame for winning a legal battle in 2015 to overturn Safe Harbour. EU concerns about data transfers mounted after former U.S. intelligence contractor Edward Snowden's revelations in 2013 of mass U.S. surveillance.
In the EU, the General Data Protection Regulation (GDPR), introduced in 2018, seeks to increase individuals' control over their personal information. Companies that fail to comply are liable to fines of up to 4% of global annual turnover.
(Production: Hortense de Roffignac) - Copyright Holder: FILE REUTERS (CAN SELL)
- Copyright Notice: (c) Copyright Thomson Reuters 2020. Open For Restrictions - http://about.reuters.com/fulllegal.asp
- Usage Terms/Restrictions: Footage contains computer game or software screenshots. User is responsible for obtaining additional clearances before publishing this clip.