Safe Harbor Ruling May Impact Facebook


The Safe Harbor agreement between the U.S. and the European Commission may not be safe for much longer.

The European Court of Justice ruled Tuesday that Safe Harbor—which was signed in 2010 to allow companies to send user data to the U.S. with no guarantees that the U.S. government would not access that data—was invalid.

The ruling came in a case filed by Austrian law student Max Schrems and his Europe Versus Facebook group last November.

Companies that rely on user data, notably Facebook, could be impacted if the court decides to suspend Safe Harbor following an investigation by the Office of the Data Protection Commissioner in Ireland (Facebook’s European headquarters is located in Dublin).

Schrems told CNET:

The average consumer will not see any restrictions in daily use, but will hopefully soon be able to use online services without potentially being subject to mass surveillance.

I very much welcome the judgment of the court, which will hopefully be a milestone when it comes to online privacy. This judgment draws a clear line. It clarifies that mass surveillance violates our fundamental rights. Reasonable legal redress must be possible.

A Facebook spokesperson added:

This case is not about Facebook. What is at issue is one of the mechanisms that European law provides to enable essential trans-Atlantic data flows.

It is imperative that European Union and U.S. governments ensure that they continue to provide reliable methods for lawful data transfers and resolve any issues relating to national security.

The court’s ruling is embedded below.

Readers: Should Facebook and other companies that rely on similar data be concerned?

Judgment in Case C-362/14 Maximillian Schrems v Data Protection Commissioner

Image courtesy of Shutterstock.

SocialTimes Feed


Max Schrems, Europe Versus Facebook Take Aim at Safe Harbor Agreement Between U.S., EU


SafeHarborLogo650Austrian law student Max Schrems and his Europe Versus Facebook group have been a thorn in Facebook’s side since challenging the social network’s privacy policies in 2011, and they are now going after bigger game: Safe Harbor, the agreement between the U.S. and the European Union that gives more than 3,000 U.S. companies — including Facebook, Google and Apple – the ability to capture personal data from European users.

The Wall Street Journal’s Digits blog reported that Schrems is challenging Safe Harbor on the grounds that his personal data could be made available to the National Security Agency once it is stored on servers in the U.S., which would violate EU privacy rules.

According to Digits, Schrems is seeking the complete removal of Safe Harbor, rather than adjusting the agreement, and he said at an International Association of Privacy Professionals conference in Brussels Thursday:

We will go on a head-on collision with Safe Harbor. Safe Harbor in practice doesn’t give you any protection. Mass surveillance of millions of people is surely not adequate.

Schrems and Europe Versus Facebook burst upon the scene in October 2011, when they filed a complaint against Facebook with the Irish Data Protection Commissioner – Facebook’s European headquarters is in Dublin – expressing concerns about the amount of personal data the social network was collecting and storing.

In June 2013, Europe Versus Facebook filed a host of complaints over the NSA’s Prism initiative, with its targets including Facebook, Apple, Microsoft, Skype and Yahoo.

And this past July, Schrems and Europe Versus Facebook filed a class-action lawsuit against the social network in Vienna, covering several topics.

Readers: What do you think of the challenge to Safe Harbor?