The European Court of Justice ruled Tuesday that Safe Harbor—which was signed in 2010 to allow companies to send user data to the U.S. with no guarantees that the U.S. government would not access that data—was invalid.
The ruling came in a case filed by Austrian law student Max Schrems and his Europe Versus Facebook group last November.
Companies that rely on user data, notably Facebook, could be impacted if the court decides to suspend Safe Harbor following an investigation by the Office of the Data Protection Commissioner in Ireland (Facebook’s European headquarters is located in Dublin).
Schrems told CNET:
The average consumer will not see any restrictions in daily use, but will hopefully soon be able to use online services without potentially being subject to mass surveillance.
I very much welcome the judgment of the court, which will hopefully be a milestone when it comes to online privacy. This judgment draws a clear line. It clarifies that mass surveillance violates our fundamental rights. Reasonable legal redress must be possible.
A Facebook spokesperson added:
This case is not about Facebook. What is at issue is one of the mechanisms that European law provides to enable essential trans-Atlantic data flows.
It is imperative that European Union and U.S. governments ensure that they continue to provide reliable methods for lawful data transfers and resolve any issues relating to national security.
The court’s ruling is embedded below.
Readers: Should Facebook and other companies that rely on similar data be concerned?
Image courtesy of Shutterstock.