EU Still Blocking Social Media Users' Data Transfer

Uploaded on 2022-08-26 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-Law

Meta has said it is considering shutting down Facebook and Instagram in Europe if it can’t keep transferring user data back to the US. Recently, the EU has protected social media sites like Facebook and Instagram from shutdown. According to the GDPR, US intelligence agencies must now be blocked from accessing EU data.

That’s a dilemma. It’s difficult to exchange data between the US and EU without breaking the law on one of the continents.

A draft decision by the data privacy  regulatory authority in Ireland (where Facebook is domiciled in the EU for tax reasons) to block the social media sites' parent company Meta's data transfers from Europe to the US is stuck in the process, as regulators from across the EU argue over the details.

Meta processes European data in US data centres, including the data of Instagram and Facebook users and, according to US laws, intelligence agencies must be able to access data stored within US territory. 

In July Ireland's privacy regulator decided to block Facebook's owner Meta from using a last legal mechanism called standard contractual clauses to transfer large amounts of messages across the Atlantic. The Irish decision followed a 2020 European Court of Justice ruling that deemed large transfers of data between Europe and the US illegal because they expose Europeans to US government surveillance risks.

Meta has repeatedly said that a decision blocking its transfers would force it to shutter its Facebook and Instagram offerings in Europe.

However, the Irish decision is still pending review by other authorities in Europe. A spokesperson for the Irish regulator has said that it had received objections from several other EU regulators to its draft order, which effectively delays a final decision to shut down the data flows and gives Facebook some much needed breathing space.   

A spokesperson for the Irish regulator has said that it had received objections from several other EU regulators to its draft order, which effectively delays a final decision to shut down the data flows and gives Facebook some badly-needed breathing space.  

The Irish regulator is now expected to take time to resolve the objections. It previously has taken the regulator up to four months to attempt to tweak decisions upon request of other European regulators. If the Irish regulator fails to resolve the dissenting opinions, as it has done in most of its decisions against the US Big Tech firms, it would have to trigger an official dispute resolution mechanism.

This would bring in the European Data Protection Board, delaying the process by at least another month.

All these delays would put Meta within touching distance of being able to keep its data flows to the US alive through a new transatlantic data pact, which negotiators plan to complete within the first quarter of 2023. With the new EU-US data deal in place, Meta and thousands of other companies would be able to use that agreement to move people’s information across the Atlantic.

EU Curia:    Politico:   Politico:     AdWeek:      CNBC:     Techzine:    SEC:     Inc42

You Might Also Read: 

Ireland's Privacy Regulator Is Investigating Instagram:

 

« Think Carefully Before You Pay For Cloud Downtime Insurance
Bluetooth Standards Are Reshaping Medical Devices »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Portnox

Portnox

In 2007, Portnox set out to create one of the world’s easiest to use, most loved, value-driven network security solutions — and our customers will tell you we’ve succeeded.

Carson & SAINT

Carson & SAINT

Carson & SAINT is an award-winning consulting firm with deep experience in cybersecurity technology, software, and management consulting.

International Accreditation Forum (IAF)

International Accreditation Forum (IAF)

The IAF is the world association of Conformity Assessment Accreditation Bodies. Its primary function is to develop a single worldwide programme of conformity assessment.

ACET Solutions

ACET Solutions

ACET Solutions delivers a wide range of Automation, Cyber Security and Enterprise IT/OT Integration Solutions to industrial clients.

SAIFE

SAIFE

SAIFE has adapted a Software Defined Perimeter approach and paired it with a Zero Trust model that defines access by the user, their device, and where they are located.

CYRISMA

CYRISMA

CYRISMA is a revolutionary cybersecurity platform that helps organizations manage risk without the usual headaches associated with enterprise cybersecurity tools.

CyberPeace Foundation

CyberPeace Foundation

CPF is a think tank of cybersecurity and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against CyberCrimes and global threats of cyber warfare.

Citizen Lab - University of Toronto

Citizen Lab - University of Toronto

Citizen Lab focuses on research and development at the intersection of cyberspace, global security & human rights.

Cybaverse

Cybaverse

Cybaverse (formerly North Star Cyber Security) was founded to create the perfect blend of a Managed Security Service Provider (MSSP) and a Cyber Security Consultancy in one.

Infinipoint

Infinipoint

Infinipoint pioneers the first Device-Identity-as-a-Service (DIaaS) solution, addressing Zero Trust device access and enabling enterprises of all sizes to automate cyber hygiene.

Cerby

Cerby

Your team uses unmanageable applications that put you, your company, and your data at risk. Protect, secure, and accelerate your business automatically with Cerby.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

North Green Security

North Green Security

North Green Security is a UK-based cyber security training and consultancy company.

Redefine

Redefine

Redefine are Crypto-Native, Cyber Experts, and Blockchain Believers. We are here to make Web3 anti-fragile, safe and accessible to all.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.

Inholo

Inholo

Inholo offers tools to manage the risks of synthetic realities, starting with an AI-photo detection service.