In a case that could transform the way in which data crosses the Atlantic, Facebook told the European Union's highest court Tuesday that EU-U.S. trade would be severely harmed if a data-sharing agreement were ruled illegal.

Arguments have begun at the European Court of Justice in Luxembourg in a case that addresses claims that the U.S. does not sufficiently protect Europeans' data when it is shipped across the Atlantic. At stake are so-called standard contractual clauses—legal mechanisms that allow companies to move data freely from Europe to the U.S., Asia and other locations.

Facebook's lawyer, Paul Gallagher, told the 15-judge panel that companies rely on these standard contractual clauses (SCCs) and that ending them would disrupt companies' ability to share data and would affect services-related trade.

“Were SCCs to be invalidated, the effect on trade would be immense,” Gallagher said. “If data transfers were prohibited, the effect on EU service imports into the U.S. per annum would be a decrease of between 16% and 24%.”

The outcome of the case could change the rules governing privacy for the world's largest online platforms and have major implications for the way in which data can be transferred across markets.

For companies like Facebook and Google, the threat of major disruption is all too real. The case is brought by Max Schrems, the young Austrian digital rights activist who successfully challenged Safe Harbour arrangements in 2015. The European Court of Justice ruled that Safe Harbour, a widely used set of rules for transferring data, did not provide adequate data protection.

Schrems, who is now 31, brought the original case after former U.S. contractor Edward Snowden exposed the extent of spying by the U.S. National Security Agency in 2013.

The decision in that case, finding that Safe Harbour rules were not adequate, meant the EU and the U.S. were forced to negotiate a new arrangement, dubbed the Privacy Shield, with greater safeguards, including an independent adjudicator for disputes.

Schrems and other digital rights activists are now arguing that the Privacy Shield fails to give EU citizens adequate protection because U.S. intelligence, security and law enforcement authorities can access data held by U.S. companies under certain circumstances.

Schrems brought his challenge to the Privacy Shield scheme in the Irish courts, as that is where Facebook's European operations are based. Its data protection arrangements are the responsibility of the Irish Data Protection Commissioner.

But the Irish High Court referred the case to the European Court of Justice, which has been asked to decide whether the provisions of EU data protection law apply when national security issues are at stake, what is the legal basis for the appropriate level of protection, and how to assess the level of protection provided by a country receiving data on EU citizens under SCCs.

During arguments Tuesday, a lawyer for Schrems, Eoin McCullough, said that when data is transferred to Facebook in the U.S., any data protection is undermined by certain U.S. laws. “U.S. law requires Facebook to assist the U.S. in surveillance of non-U.S. persons,” McCullough said.

The U.S. is one of many intervenors in the case, and Eileen Barrington, a lawyer for the U.S. government, told the court that the way in which U.S. data collection operates has been “mischaracterized.”

An advocate general is expected to issue a nonbinding opinion in the case in December. A final ruling could come several months later.