Facebook Data Transfers to U.S. Face Probe After EU Court Rulingby and
Irish regulator to examine complaint by Austrian law student
Investigation follows ban on EU-U.S. data transfer accord
Ireland will investigate a complaint about U.S. spies potentially accessing Facebook Inc. users’ private details after the European Union’s highest court overturned a trans-Atlantic pact that allowed the free flow of such data 15 years ago.
Ireland’s Data Protection Commissioner agreed to probe the complaint by Austrian law student Max Schrems following the landmark Oct. 6 ruling by the EU Court of Justice, Paul Anthony McDermott, a lawyer for the authority, said in a Dublin court on Tuesday. The Irish data watchdog’s initial refusal to examine the complaint triggered the EU court case, which led to the banning of the so-called safe-harbor accord, struck between the EU and U.S. in 2000.
That original decision “must now fall” and the Irish regulator “must investigate,” McDermott said. He said the probe wouldn’t be delayed.
The EU’s top court based in Luxembourg focused on the validity of the data-sharing accord in the light of revelations by former National Security Agency contractor Edward Snowden about U.S. government surveillance activities and mass data collection. Last year, an Irish judge asked the top EU court to decide on key points in the Schrems case -- seeking guidance on whether the safe harbor still protects privacy and whether national regulators have the power to suspend illegal data flows from the EU to the U.S.
Facebook’s lawyer Rossa Fanning said in court the company is fully compliant with Irish and EU law and will be involved in the Irish authority’s investigation.
“Facebook is not and has never been part of any program to give the U.S. government direct access to our servers,” the company said in a separate e-mailed statement. “We will respond to enquiries from the Irish Data Protection Commission as they examine the protections for the transfer of personal data under applicable law."
The Irish case comes alongside parallel litigation in Vienna, where Schrems sought a class action against Facebook, alleging the company violated European privacy rules with its data policy by complying with the U.S. NSA’s Prism program, under which companies turned over user data to the government.
In June, a Vienna court rejected the class action. Facebook said the appeal by Schrems was also overturned with a decision saying he can’t pursue litigation on behalf of others in court. The social network said that “litigation was unnecessary.”
Filed 22 Complaints
This month’s decision at the top EU court gives teeth to Schrems’s actions in Ireland, because Facebook has its European base in the country and the Irish privacy commissioner is the one in charge of the company in the region.
Schrems alleged that Facebook’s Irish unit illegally handed over data to U.S. spies. He had previously filed 22 complaints against the company.
Facebook, like other tech giants, have been reeling from the effects of the Snowden revelations in 2013. The companies have been trying to assure their users or customers that their products are secure and that they don’t willingly turn over data to the U.S. government.