“The European commission remains fully committed to data transfers across the Atlantic whilst ensuring robust data protection safeguards for citizens and legal clarity for businesses”, said European commissioner Vera Jourova, who is in charge of Justice, Consumers and Gender Equality.
Advertisement
“The biggest casualties will not be companies like Google and Facebook because they already have significant data center infrastructure in countries like the Republic of Ireland, it will be medium-sized, data-heavy tech companies that don’t have the resources to react to this decision”.
“The message is clear – that mass surveillance is not possible and against fundamental rights in Europe”, he said.
But Mr. Schrems appealed to the Irish Court, which also asked the European Court of Justice if the EU-wide agreement can be ignored.
The ECJ judgment came after Austrian campaigner Max Schrems brought a case against the DPC to the High Court in Dublin.
“The judgement has clarified that it is now for the data protection commissioner to revisit Mr Schrems’s complaint and carry out the necessary investigations”, said Dara Murphy, the Irish data protection minister.
The 15-year-old agreement compromises the privacy of European Union citizens and their right to challenge the use of their information, the EU Court of Justice said in a ruling in Luxembourg on Tuesday.
The accord, signed in 2000 between Brussels and Washington, enabled companies and worldwide networks to easily transfer personal data to the United States without having to seek prior approval, a potentially lengthy and costly process.
Snowden – the former National Security Agency whistleblower who in 2013 revealed a worldwide U.S. surveillance programme harvesting the data – said Schrems had “changed the world for the better”. To cater to the European demands, the American companies may be forced to build expensive infrastructure to process, transfer, and store data within the EU.
Europe’s highest court has ruled against the safe harbor data-sharing agreement that grants companies the right to move your data across oceans.
The Ireland data protection authority, which had cited Safe Harbor when it rejected the claims by Schrems about the security of his Facebook information, must now reconsider them.
The “Safe Harbor” system, used by thousands of companies in the European Union to transmit data to the United States, is invalid (link to official verdict: may be hard to comprehend). “For all these reasons”, the court continued, “the Court declares the Safe Harbour Decision invalid”.
It added that the ruling meant Ireland’s regulator now needed to decide whether Facebook’s EU-to-US transfers should be suspended.
Advertisement
Those factors and “the secret nature” of the USA agencies’ access to such data via the servers of companies based in the United States “make the interference extremely serious”.
