- Facebook is fighting Ireland’s data protection watchdog for trying to prevent it from sending EU user data back to the US.
- Ireland’s Data Protection Commission (DPC) is investigating the mechanism Facebook uses to transfer data between the US and Europe, and warned Facebook last week the process may not be legal in practice.
- This follows on from a landmark EU court ruling in July that invalidated a key data-sharing agreement between the US and Europe called Privacy Shield.
- Visit Business Insider’s homepage for more stories.
Facebook on Friday took legal action against Ireland’s privacy watchdog after it warned Facebook it may have to stop transferring EU user data back to the US.
Facebook said in a statement: “A lack of safe, secure and legal international data transfers would have damaging consequences for the European economy.
“We urge regulators to adopt a pragmatic and proportionate approach until a sustainable long-term solution can be reached.”
Bloomberg reported Friday the US tech giant filed to seek a judicial review to repeal a preliminary order from the Irish Data Protection Commission (DPC) ordering it to halt EU-US data transfers.
In a blog post on Thursday Facebook said it had received notice from the Irish watchdog that it had launched an investigation into how Facebook transfers data between the EU and the US.
The DPC told Facebook the mechanism it currently uses, called Standard Contractual Clauses (SCCs), may not in practice be legal.
The Wall Street Journal reported Wednesday the DPC had issued Facebook with a preliminary order to cease data transfers from Europe to the US.
The issue of whether Facebook is allowed to used SCCs hinges on European concerns that US internet surveillance may breach data privacy standards. It follows a landmark decision from the EU’s highest court in July which invalidated a key data transfer agreement with the US called Privacy Shield.
In that decision the court upheld SCCs as a potential transfer mechanism with other countries, but that those countries’ data protection laws must be in line with EU regulations. The concern is that the US’ data surveillance may be too intrusive to qualify.
The DPC was not immediately available to comment when contacted by Business Insider.