Want Privacy? Then Dump Facebook Account, EU Court ToldStephanie Bodoni
If you worry about your data being up for grabs by U.S. authorities, then dumping your Facebook Inc. account is a good start, an adviser to the European Union’s top court was told.
Yves Bot, who’s guiding the bloc’s highest court on the legality of a 15-year-old data transfer pact with the U.S., was given the tip at a hearing in Luxembourg Tuesday. Bot asked an EU lawyer if there was any means at all to stop his data from being “at the disposal” of U.S. authorities.
“You might consider closing your Facebook account, if you have one,” European Commission attorney Bernhard Schima replied in front of a 15-judge panel of the EU Court of Justice.
The case is a test to the so-called EU-U.S. safe harbor accord struck in 2000. An Irish judge last year called on the EU’s tribunal to decide whether the deal protects privacy and whether national regulators have the power to suspend illegal data flows from the EU to the U.S.
It was triggered by a complaint that Austrian law student Max Schrems filed with the Irish regulator alleging that Facebook’s Irish unit illegally handed over data to U.S. spies. Schrems had previously filed 22 complaints against the Menlo Park, California-based company.
Facebook, like other tech giants Google Inc. and Yahoo! Inc. is still reeling about the extent of National Security Agency spying exposed by exposed by former U.S. contractor Edward Snowden in 2013. The companies are trying to assure their users or customers that their products are secure and that they don’t willingly turn over data to the government.
Facebook declined to comment on the case.
EU officials said two years ago there were privacy concerns about mass spying and collection of data in the wake of the Snowden revelations. Negotiations between the EU and the U.S. have been ongoing since then and there is “a concrete perspective of something being achieved,” said Schima, the commission’s lawyer.
“The commission has told us today several times that it cannot ensure the adequacy of U.S. levels of protection, nor has it been able to do so over the last 15 years,” Herwig Hofmann, one of two lawyers for Schrems, told the EU judges. Under safe harbor, “EU citizens are effectively stripped of any protection of personal data by foreign authorities.”
Facebook’s European base is in Dublin and regulated by the Irish data protection commissioner.
Schima said national EU regulators “are in principle not empowered” to suspend data transfers to the U.S.
“Cutting off the safe harbor decision from one day to another would create enormous disruption,” said Schima.
The safeguards included in the deal “provide overall for an adequate system of protection in procedural terms,” said Schima.
Still, “the safe harbor decision does not affirm that the U.S. in general ensures an adequate level of protection.”
Bot, who’s an advocate general at the EU court, said he will publish his non-binding opinion in the case on June 24. The court follows such opinions in a majority of cases and delivers its ruling between four to six months later.
The case is: C-362/14, Maximilian Schrems v. Data Protection Commissioner.