LONDON — An Austrian privacy campaigner’s long-running legal battle against Facebook over its data transfers to the U.S. reached the European Union’s highest court on Tuesday.
The European Court of Justice was hearing arguments on whether Facebook’s Dublin-based subsidiary can legally transfer users’ personal data to the U.S. parent company.
A decision, which is expected by the end of the year, could have far-reaching implications for social media companies and thousands of EU businesses that send customer data to places like the U.S.
Privacy campaigner Max Schrems launched the case in 2013 after former NSA contractor Edward Snowden revealed the extent of electronic surveillance by U.S. security agencies, including the disclosure that Facebook gave the agencies access to the personal data of Europeans.
Schrems, concerned that his personal information was at risk, had challenged the data transfers through the courts in Ireland, where Facebook’s European business is headquartered.
The Irish Data Commissioner issued a preliminary decision that the transfers may be illegal because so-called “standard contractual clauses” that govern data transfers don’t adequately protect consumers’ data privacy. The clauses are data protection agreements approved by the EU’s executive Commission in which businesses commit to abiding by the bloc’s stringent privacy standards, including protecting personal data.