Facebook’s method of transferring data from the EU to the US for business purposes is to be challenged again in court.
The Irish data protection commissioner will argue the legal mechanism for these transfers does not sufficiently protect EU citizens’ right to privacy.
The concern is such transfers could be subject to mass surveillance by US intelligence agencies.
Facebook said data protection safeguards were in place.
A ruling against Facebook could potentially undermine the basis on which many businesses send data across the Atlantic – particularly technology giants that rely on cloud computing and communications technology.
Currently, the social network transfers vast amounts of personal data about EU users to servers in the US – everything from people’s names to information about their activity online.
In 2013, documents published by ex-CIA contractor Edward Snowden suggested Facebook was a target of “Prism”, a US National Security Agency’s mass surveillance programme.
This led privacy activist Max Schrems to successfully challenge the previous mechanism for EU-US data transfers, Safe Harbour, in court.
The alternative legal framework Facebook has used since is called “standard contractual clauses” (SCCs).
But the Irish data protection commissioner has suggested that SCCs are not fit for purpose given the possibility of intelligence agency surveillance.
Should the Court of Justice of the European Union (CJEU) decide that SCCs are indeed problematic, the ruling would have huge ramifications for Facebook and other businesses, said legal expert Orla Lynskey, at the London School of Economics.
“That would have a very significant impact for companies,” she…