The ruling follows revelations from former National Security Agency contractor Edward Snowden about the Prism programme that allowed USA authorities to harvest private information directly from big tech companies such as Apple, Facebook and Google.
Advertisement
But Irish authorities dismissed his complaint and pointed to the decision by EU’s Executive Commission that the “Safe Harbour” agreement fully protects data passed on to the U.S. It said the agreement allows free transfer of information by companies from the European Union to us and has boosted the trade ever since.
The ruling has two key points: Each data-protection authority may examine whether a transfer of data complies with European privacy rules and examine it with its national court if suspect.
Ireland said it planned to investigate the transfer of data from European Facebook users to the United States, after an EU court ruled on Tuesday that national supervisory bodies have the power to do so.
Maas said the ruling was also “a mandate for the European Commission to fight for our data protection standards internationally”.
“They will need to consider their strategies around data transfers; if they have been relying on Safe Harbour to justify them then they will need to think of privacy-friendly methods to do so, which are compliant with the data protection directive”, agreed Robert Lands, head of intellectual property at law firm Howard Kennedy.
The ECJ struck down the Safe Harbor decision without providing companies with the option of a transition period.
Many companies, both USA and European, use the Safe Harbour system to help them get round cumbersome checks to transfer data between offices on both sides of the Atlantic.
Ireland’s court will now have to decide whether to suspend Facebook’s transfer of data to the US.
The Safe Harbor deal, according to The New York Times, ensured that 4,000-plus European and American tech and non-tech businesses would treat data moving between countries with the same privacy protections as inside the region.
A treaty allowing technology giants to send personal data about millions of European Union citizens to the U.S. has been ruled invalid. The ruling was not unexpected because as we wrote last month, the legal adviser to the court had deemed Safe Harbor invalid because of “mass, indiscriminate surveillance” by the U.S.
The highest court in Europe ruled against Safe Harbor on Tuesday.
Advertisement
Reacting to the ruling, San Francisco-based privacy advocate Electronic Frontier Foundation said on its website that the USA should realize that “dragnet surveillance” has economic and political consequences “as regulators, companies and individuals lose trust in Internet companies and services”.
