Meta has announced that it’s looking at shutting down Facebook or Instagram in Europe in case it’s not able to keep the transfer of user data back to the U.S.
The company behind social media has warned users on their Annual Report on Thursday, April 4.
Regulators across Europe are currently working on new laws that will govern the manner in which EU citizens’ data is transmitted over the Atlantic.
Facebook stated: “If a new transatlantic data transfer framework is not adopted and we are unable to continue to rely on SCCs (standard contractual clauses) or rely upon other alternative means of data transfers from Europe to the United States, we will likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe.”
The company also stated that it “would materially and adversely affect our business, financial condition, and results of operations.”
“Meta cannot just blackmail the EU into giving up its data protection standards,” European lawmaker Axel Voss said via Twitter in which he said the idea that “leaving the EU would be their loss.” Voss had previously written a few of the EU’s legislation on data protection.
A Meta spokesperson spoke to CNBC the following day that Meta has no intention to pull out from Europe The spokesperson also said that the company has made the same assertions in its previous filings.
“But the simple reality is that Meta, and many other businesses, organizations and services, rely on data transfers between the EU and the U.S. in order to operate global services,” they explained.
The European Commission did not immediately respond to CNBC’s request for comment. CNBC request for comments.
In August 2020 the Irish Protection Commission sent Facebook a preliminary order to stop the transfer of user information in Europe EU into the U.S., according to an report by The Wall Street Journal which cited sources who are familiar with the subject.
“The Irish Data Protection Commission has commenced an inquiry into Facebook controlled EU-US data transfers, and has suggested that SCCs cannot in practice be used for EU-US data transfers,” Nick Clegg, Facebook’s vice-president of international affairs and communication stated in an blog article that was published at the time.
“While this approach is subject to further process, if followed, it could have a far-reaching effect on businesses that rely on SCCs and on the online services many people and businesses rely on,” He said.
In Ireland, the Data Protection Commission is expected to make a decision in the first quarter of 2022.
If SCCs aren’t able to be used as a legal basis for the transfer of information, Facebook would have to segregate the majority of the information it gathers regarding European users. The DPC could impose a fine on Facebook as much as 4 percent of its revenue per year in the amount of $2.8 billion, if it fails to adhere to.
Court ruling
In July 2020 in July 2020, The European Court of Justice decided that that the standard for data transfers that is in place between EU with the U.S. doesn’t adequately protect European citizens their privacy.
The European Court of Justice, which is the supreme authority of the EU limited the ways U.S. firms could send European user information in U.S. companies. U.S. after concluding EU citizens were not able to contest American US surveillance.
U.S. agencies such as the NSA could theoretically request companies on the internet like Facebook as well as Google to give them information about the EU citizen. That EU citizen would have no idea.
The ECJ decision was issued after Austrian privacy advocate Max Schrems filed a lawsuit in the wake of the Edward Snowden revelations arguing that U.S. law did not provide enough protection against the snooping by authorities. Schrems brought the case against Facebook as well as other companies, was sending his personal data and other information about users in the U.S.
The court’s decision overturned the EU-U.S. Privacy Shield agreement which allowed firms to transmit EU citizen’s information over the Atlantic. This means that companies are forced to use SCCs.
