Facebook has warned that it may pull out of Europe following a preliminary order from the Irish data watchdog to ban the sharing of European citizens’ data with the US.

The Dublin court could enforce this year’s landmark ruling by the European court of justice (ECJ) which found that the EU-US Privacy Shield fails to safeguard snooping by US authority. The tech giant’s vow to withdraw from Europe is a warning that the EU and US might be caught in a privacy trade war and that Washington needs a federal data privacy law as soon as possible.

In the background, the end of the Privacy Shield is also likely to affect future data transfers between the EU and UK after the end of the post-Brexit transition period in December.

Data privacy issues had already been raised in Europe

The EU-US Privacy Shield, a scheme approved by the European Commission (EC) in 2016, has been challenged after campaigners argued that the US cannot ensure the privacy of European data, and in July of this year the EU court confirmed just that.

The agreement enables non-EU companies that handle the data of European citizens to meet the requirements of the General Data Protection Regulation (GDPR). It replaces the Safe Harbor Privacy Principles, declared invalid in 2015 by the EU Court of Justice. At that time, Edward Snowden’s leaks provided evidence of the US National Security Agency’s mass surveillance of private data relating to European citizens.

Data transfers must adhere to European standards

Since the court’s ruling, companies have relied on individual legal agreements, known as standard contractual clauses, to transfer data. But even the ECJ stressed that additional safeguards might be needed to make sure that such data transfers adhere to Europe’s data protection standards. Facebook’s warning of stopping its operations in Europe is a way to put pressure on Brussels to introduce a comprehensive legislation rather than leaving it to EU countries’ regulators to make their own rulings.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Companies on both sides of the Atlantic are now calling for more guidance on how they should transfer data to the US.

EU and US have different views on privacy

In the past the EU has made pressure on Washington to adopt a federal law on data privacy similar to GDPR. Brussels would be keen for this to be as closer to GDPR as possible, in order to achieve an adequacy agreement that would allow US and European businesses to freely share the personal information of their citizens. But with the Privacy Shield now defunct, it’s hard to imagine an alternative agreement on data transfer between EU and US that won’t be challenged again by the ECJ, unless the US reforms its surveillance law.

The US and EU appear to be increasingly at odds on the transfer of personal data.  While the EU is firmly in favour of privacy protection through GDPR, the US prioritises the right of surveillance by the US state for the sake of national security. If the two cannot come to an agreement, the future of global digital platforms may well be at risk.

Brexit has complicated data privacy in Europe

The need to protect EU citizens from surveillance may restrict data to other countries as well, including to the UK after Brexit, when it will have to seek an agreement from the EU that ensure that its data protection regime is adequate. The UK data watchdog, the Information Commissioner Office, states that “although it is the ambition of the UK and EU to eventually establish an adequacy agreement, it won’t happen yet.

Until an adequacy decision is in place, businesses will need a specific legal transfer arrangement in place for transfers of personal data from the EEA to the UK, such as standard contractual clauses”.