Facebook's Data Transfer from EU to US is Legal, Top EU Court Adviser Says
Advocate general Saugmandsgaard Øe said standard contractual clauses can be used but that such transfers to the U.S. could be stopped if it was shown that the expected safeguards were not respected.
December 19, 2019 at 12:02 PM
4 minute read
In a win for Facebook, a senior legal adviser at the European Union's Court of Justice said Thursday that standard contracts for the transfer of personal data outside the bloc are in line with EU law on data protection.
But the opinion by Saugmandsgaard Øe, an advocate general at the EU court, also said that transfers to the U.S. under contractual clauses could be stopped if it was shown that the expected safeguards on adequate data protection were not respected.
The legal adviser's opinion is not binding, but the EU court follows such recommendations in 70% of cases.
The opinion stems from a case initially brought before the Irish courts by privacy advocate Max Schrems, who demanded that Facebook stop data transfers to the U.S. because government authorities there were looking at private data on national security grounds. Facebook's European headquarters is located in Ireland.
In 2018, Schrems brought a case in an Irish court arguing that standard contractual clauses (SCCs), which are used by companies for the treatment of citizens' data transferred outside the EU, broke EU law. He argued that these clauses did not ensure that EU citizens' data would be protected in the U.S. because U.S. authorities had collected private data from companies citing national security concerns. Whistleblower Edward Snowden had exposed that the U.S. National Security Agency had been collecting private data from companies in 2013.
Schrems, who won a ruling from the EU court against the bloc's "Safe Harbor" arrangements for data transfer in 2015, said that Facebook should stop sending data to the U.S. because these clauses failed to ensure data protection.
The advocate general said that the standard clauses were a valid way to ensure the protection of data transferred to the U.S. even though the U.S. authorities were able to gain access to private information. But he argued that transfers to the U.S. under contractual clauses could be stopped if it was shown that the expected safeguards on adequate data protection were not respected.
The compatibility of standard contractual clauses with the EU's Charter of Fundamental Rights "depends on whether there are sufficiently sound mechanisms to ensure that transfers based on the standard contractual clauses are suspended or prohibited where those clauses are breached or impossible to honour," the advocate-general said.
Øe said that data controllers and supervisory authorities are obliged to stop, suspend or ban transfer when the commitments to provide adequate levels of data protection in the clauses cannot be met.
Schrems told Reuters he was "generally happy" with the legal opinion.
He noted that everyone will still be able to have all necessary data flows with the U.S., such as sending emails or booking a hotel in the U.S. But he cautioned that some EU businesses may not be able to use certain U.S. providers for outsourcing anymore because U.S. surveillance laws require these companies to disclose data to the National Security Agency.
"It is really upon the United States to ensure baseline privacy protections for foreigners," he said. "Otherwise no one will trust U.S. companies with their data."
Facebook said in a statement that it is grateful for the advocate general's opinion. "Standard Contractual Clauses provide important safeguards to ensure that Europeans' data are protected once transferred overseas," the company said.
Lisa Peets, a partner who leads Covington & Burling's technology and media practice, said in a statement that the advocate general's opinion is in line with the arguments put forward by its client, the Business Software Alliance. "It's tremendously important for companies across the economy, who rely on the [standard contractual clauses] for many of their day-to-day operations."
"We will now wait for the decision of the Court in this very important case."
|Read More:
Top EU Court Hears Arguments in Privacy Case That Could Upend Transatlantic Data Transfers
|NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllInside Track: Late-Career In-House Leaders Offer Words to Live by
'Substantive Deficiencies': Judge Grants Big Law Motion Dismissing Ivy League Price-Fixing Claims
3 minute readTrending Stories
Who Got The Work
Joseph G. Petrosinelli, C. Bryan Wilson and Angela Pyo of Williams & Connolly have entered appearances for Motive Technologies in a pending patent infringement lawsuit. The complaint, filed Aug. 27 in California Northern District Court by Shaw Keller LLP and Kirkland & Ellis on behalf of Samsara Inc., assets three patents related to dashcam video footage technology. The case, assigned to U.S. District Judge James Donato, is 4:24-cv-06049, Samsara Inc. v. Motive Technologies Inc.
Who Got The Work
Moez M. Kaba, Christina Von der Ahe Rayburn, Dennis Ojogho and Yegor Fursevich from Hueston Hennigan have entered appearances for Amazon.com in a pending trade secrets lawsuit. The complaint was filed Aug. 26 in New York Southern District Court by Merchant & Gould on behalf of Select Research Ltd., a 3-D body imaging developer involved in the use of human health calculator body volume index (BVI). The suit contends that Amazon improperly embodied and incorporated SRL's trade secrets in their 'Halo' and 'Made For You' products. The case, assigned to U.S. District Judge Jesse M. Furman, is 7:24-cv-06419, Select Research Ltd. v. Amazon.Com, Inc. et al.
Who Got The Work
Attorneys from Quinn Emanuel Urquhart & Sullivan and Irell & Manella have stepped in to defend Foresight Diagnostics in a pending trade secrets lawsuit. The action, which is sealed, was filed Aug. 29 in California Northern District Court by Richards, Layton & Finger and Wilmer Cutler Pickering Hale and Dorr. The case, assigned to U.S. District Judge Eumi K. Lee, is 5:24-cv-06117, Roche Molecular Systems, Inc. et al v. Foresight Diagnostics Inc. et al.
Who Got The Work
David A. Robinson, John F. Wood and Brendan H. Connors from Holland & Knight and attorneys from Proskauer Rose have entered appearances for Scientific Drilling International, S. Westley Shedd, Pamela Pierce and other defendants, respectively, in a pending shareholder lawsuit. The suit was filed Aug. 29 in California Central District Court by Umhofer, Mitchell & King on behalf of Matthew D. Van Steenwyk and Gretchen M. Van Steenwyk-Marsh. The suit accuses the controlling shareholder of Scientific Drilling of self-dealing. The case, assigned to U.S. District Judge Fernando L. Aenlle-Rocha, is 2:24-cv-07401, Matthew D. Van Steenwyk et al v. Kedrin E. Van Steenwyk et al.
Who Got The Work
Constangy, Brooks, Smith & Prophete partners Laura A. Balson and Ashley L. Orler have entered appearances for Avfuel Corporation in a pending data breach class action. The case, filed Aug. 30 in Michigan Eastern District Court by Kopelowitz Ostrow PA, centers on a 2024 cyberattack that allegedly exposed the personally identifying and private data of 'potentially billions of individuals.' The case, assigned to U.S. District Judge Mark A. Goldsmith, is 2:24-cv-12274, Clark III v. Avfuel Corporation.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250