Irish privacy regulator tells Facebook to stop EU-US data transfers

News Broadband Europe 10 SEP 2020
Irish privacy regulator tells Facebook to stop EU-US data transfers

Ireland’s Data Protection Commission has told Facebook to suspend transfers of data on EU customers to the US, people familiar with the matter told the Wall Street Journal. The preliminary order was sent late last month, asking for the company’s response after an EU court ruled the Privacy Shield protecting EU-US data transfers was no longer valid

To comply with Ireland’s preliminary order, Facebook would likely have to re-engineer its service to silo off most data it collects from European users, or stop serving them entirely, at least temporarily. If it fails to comply with an order, Ireland’s data commission has the power to fine Facebook up to 4 percent of its annual revenue. 

Nick Clegg, Facebook’s top policy and communications executive in Europe, confirmed that Ireland’s privacy regulator has suggested, as part of an inquiry, that Facebook can no longer in practice conduct EU-US data transfers using a widely used type of contract.

Ireland’s Data Protection Commission declined to comment.

Clegg said in a statement for the company that Facebook was relying on standard contract clauses (SCCs) to continue the data transfers. The EU court upheld the use of such instruments if the parties involved could ensure the data was protected to EU standards. Facebook "has been working hard" to follow the steps set out by the court to maintain data flows, Clegg said. This includes "ensuring that we have robust safeguards in place, such as industry standard encryption and security measures, and comprehensive policies governing how we respond to legal requests for data."

He confirmed that the Irish Data Protection Commission is investigating such practices at Facebook and has suggested that SCCs cannot in practice be used for EU-US data transfers. "While this approach is subject to further process, if followed, it could have a far reaching effect on businesses that rely on SCCs and on the online services many people and businesses rely on," Clegg said. 

Clegg said Facebook said it supports the development of new global standards on personal data handling and noted the EU and US are already in talks on developing a new form of the Privacy Shield. 

Categories:

Internet

Companies:

Facebook

Regions:

Europe

Countries:

United States

Tags:

Messaging, Hosting - cloud - data centres, Regulations, IT - applications, Information services, Advertising services, Legislation - Lawsuits

Related Articles

EUROPE 8 JUL 2022

Irish privacy regulator recommends end to Meta data transfers to US

Ireland's Data Protection Commissioner has recommended that Meta not be allowed to send personal data on Europeans across the Atlantic to the US, Politico reports. The regulator sent a draft opinion on the matter to the other national privacy regulators in the EU for their approval.

EUROPE 19 OKT 2020

Irish watchdog investigating Instagram's handling of children's personal data

David Stier, a US data scientist who first discovered the loophole, estimates that as many as 5 million children had personal details exposed when they switched from a personal to a business setting to receive statistics on how popular their photos and videos were. No proof is required that the user actually runs a company, meaning personal contact details such as phone numbers and email addresses were publicly displayed on their profile, allowing anybody to contact the children outside of the app.

GLOBAL 14 SEP 2020

Weekly news summary: 3 new 5G networks, Altice Europe to go private and TP webinar on digital regulation

The past week's news included the launch of three new 5G networks, as well as new 5G services for drone monitoring and broadcasting. New hardware came from Orbis, which developed a smart football helmet with cameras connected over 5G, and the streaming wars kick off in Belgium with the launch of local venture Streamz and Disney+. In M&A news, Patrick Drahi announced plans to take Altice Europe private, while Cogeco resisted a hostile takeover bid from Altice USA. Market responses also came in on the EU's pr

IRELAND 14 SEP 2020

Facebook files appeal against order to stop EU-US data transfers

Facebook has filed an appeal with the Irish High Court against an order from Ireland's Data Protection Commission (DPC) to stop data transfers between Europe and the US, reports the Wall Street Journal.

EUROPE 4 SEP 2020

EDPB sets up taskforce to deal with Schrems II complaints

The European Data Protection Board (EDPB) has adopted a number of new guidelines and created a taskforce on complaints following the CJEU Schrems II judgment at its 37th plenary session in Brussels. A total of 101 identical complaints have been lodged with EEA data protection authorities against several controllers in the EEA member states regarding their use of Google / Facebook services which involve the transfer of personal data after privacy activist Max Schrems won a new case at the EU Court of Justice

EUROPE 18 AUG 2020

Noyb files privacy complaints over 100 European companies still sharing data with Google, Facebook

Telecom operators Tele2, Free Mobile and Fastweb are among the over 100 companies facing complaints from the privacy rights group Noyb. The group led by Max Schrems said the companies' websites are still using Google and Facebook code that allows data on users to be sent to the US, despite the EU Court of Justice declaring this illegal a month ago. 

EUROPE 12 AUG 2020

US, EU start talks on reforming Privacy Shield

The US Department of Commerce confirmed it has started fresh talks with the European Commission on reforming the Privacy Shield. They will work on adapting the agreement on trans-Atlantic processing of personal data after the EU's Court of Justice struck down the previous deal, saying it did not meet EU legal standards.

EUROPE 16 JUL 2020

EU court overturns Privacy Shield, blocking personal data transfers to US

Max Schrems has won a new victory against Facebook and how the social network handles personal data. After having the US's 'safe harbour' status for data transfers overturned in 2015, the privacy activist has won a new case at the EU Court of Justice overturning the Privacy Shield agreement which replaced it in 2016. This means it is not legal for EU-based companies to transfer personal data to the US, as the country does not offer sufficient protection as required under the EU's privacy law.

EUROPE 25 MEI 2020

Irish regulator progresses in GDPR cases against Twitter, WhatsApp, Facebook

The Irish Data Protection Commission (DPC) announced it's making progress on investigations into major social media companies thought to have violated the EU's General Data Protection Regulation. This includes procedures against Twitter, WhatsApp and Facebook.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.