The EU’s highest court has ruled in favour of an Austrian law student who claims that a trans-Atlantic data protection agreement doesn’t protect consumers, a victory for privacy campaigners and a potential blow to tech giants.
Max Schrems launched the legal challenge over concerns that Facebook could be sharing the private data of EU citizens with the US spy agency NSA following revelations from whistleblower Edward Snowden.
He originally lodged his complaint in Ireland, where Facebook has its European headquarters. Irish authorities rejected it, citing a 2000 decision by the European Commission that the US provides adequate data protection under the so-called Safe Harbour deal.
The implications of the European Court of Justice (ECJ) ruling could be far-reaching, leading to more paperwork and driving up costs for firms transferring information from the EU to the US.
Safe harbour is not safe
MEP Claude Moraes welcomed the ECJ judgement and said the European Commission must now change its plans, and calls on the Commissioner to bring forward new plans on transferring data to make it safe.