Top European Union court backs student in Facebook privacy case

In the wake of the revelations that stemmed from documents leaked by Edward Snowden about the US National Security Agency’s surveillance programmes, Max Schrems argued that U.S. law doesn’t provide sufficient data protection for European web-users.

“We have a variety of concerns about this specific ruling; one of them is that we believe that this decision was based on incorrect assumptions about data privacy protections in the United States”, White House spokesman Josh Earnest said.Schrems complained to the data protection authorities in Ireland, where Facebook has its European headquarters.

In its ruling, the ECJ says: “Without needing to establish whether that scheme ensures a level of protection essentially equivalent to that guaranteed within the European Union, the Court observes that the scheme is applicable exclusively to the United States undertakings which adhere to it, and the United States public authorities are not themselves subject to it”.

“It is imperative that the European Union and USA governments resolve any issues relating to national security”. “The EU’s highest court has pulled the rug under the feet of thousands of companies that have been relying on Safe Harbour”. The companies have been trying to assure their users or customers that their products are secure and that they don’t willingly turn over data to the government.

Commission members Frans Timmermans and Věra Jourová took time out from discussing the ongoing refugee crisis in Europe to tell citizens that their main priority is protecting personal data transferred across the Atlantic, and to reassure businesses that their other main priority is continuing the flow of data – with appropriate safeguards.

While the American and European leaders negotiate terms and conditions for an agreement about data transfer across the Atlantic, the European court has put another arrow in the United States tech industry.

“The USA legal framework for intelligence collection includes robust protection for privacy under multiple layers of oversight and a remarkable degree of transparency”, Earnest said.

Data transfer between the US and Europe just hit a major bump in the road.

“Losing Safe Harbor would be hugely disruptive to all sorts of business”, said a representative of a U.S.-based cloud services company.

“The message is clear: that mass surveillance is not possible and against fundamental rights in Europe”, Schrems said of the ruling. As far as the ECJ is concerned, privacy watchdogs should be required to monitor whether or not U.S. firms have solid measures in place to protect data.

On Wednesday, October 14, 2015, Norton Rose Fulbright attorneys Marcus Evans, Jay Modrall and Boris Segalis will lead a conference call to discuss the implications of the Schrems case, which invalidated the EU-US Safe Harbor Decision.

“The biggest casualties will not be companies like Google and Facebook because they already have significant data center infrastructure in countries like the Republic of Ireland, it will be medium-sized, data-heavy tech companies that don’t have the resources to react to this decision”.