EU Still Blocking Social Media Users' Data Transfer

Uploaded on 2022-08-26 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-Law

Meta has said it is considering shutting down Facebook and Instagram in Europe if it can’t keep transferring user data back to the US. Recently, the EU has protected social media sites like Facebook and Instagram from shutdown. According to the GDPR, US intelligence agencies must now be blocked from accessing EU data.

That’s a dilemma. It’s difficult to exchange data between the US and EU without breaking the law on one of the continents.

A draft decision by the data privacy  regulatory authority in Ireland (where Facebook is domiciled in the EU for tax reasons) to block the social media sites' parent company Meta's data transfers from Europe to the US is stuck in the process, as regulators from across the EU argue over the details.

Meta processes European data in US data centres, including the data of Instagram and Facebook users and, according to US laws, intelligence agencies must be able to access data stored within US territory. 

In July Ireland's privacy regulator decided to block Facebook's owner Meta from using a last legal mechanism called standard contractual clauses to transfer large amounts of messages across the Atlantic. The Irish decision followed a 2020 European Court of Justice ruling that deemed large transfers of data between Europe and the US illegal because they expose Europeans to US government surveillance risks.

Meta has repeatedly said that a decision blocking its transfers would force it to shutter its Facebook and Instagram offerings in Europe.

However, the Irish decision is still pending review by other authorities in Europe. A spokesperson for the Irish regulator has said that it had received objections from several other EU regulators to its draft order, which effectively delays a final decision to shut down the data flows and gives Facebook some much needed breathing space.   

A spokesperson for the Irish regulator has said that it had received objections from several other EU regulators to its draft order, which effectively delays a final decision to shut down the data flows and gives Facebook some badly-needed breathing space.  

The Irish regulator is now expected to take time to resolve the objections. It previously has taken the regulator up to four months to attempt to tweak decisions upon request of other European regulators. If the Irish regulator fails to resolve the dissenting opinions, as it has done in most of its decisions against the US Big Tech firms, it would have to trigger an official dispute resolution mechanism.

This would bring in the European Data Protection Board, delaying the process by at least another month.

All these delays would put Meta within touching distance of being able to keep its data flows to the US alive through a new transatlantic data pact, which negotiators plan to complete within the first quarter of 2023. With the new EU-US data deal in place, Meta and thousands of other companies would be able to use that agreement to move people’s information across the Atlantic.

EU Curia:    Politico:   Politico:     AdWeek:      CNBC:     Techzine:    SEC:     Inc42

You Might Also Read: 

Ireland's Privacy Regulator Is Investigating Instagram:

 

« Think Carefully Before You Pay For Cloud Downtime Insurance
Bluetooth Standards Are Reshaping Medical Devices »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

aizoOn Technology Consulting

aizoOn Technology Consulting

aizoOn is a technology consulting company offering a range of services including IoT & embedded security, mobile security, cybersecurity assessments, risk & compliance, network monitoring and more.

Infinigate UK

Infinigate UK

Infinigate is a value-added distributor of IT security solutions to protect and defend IT networks, servers, devices, data, applications, as well as the cloud.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

TeleTrusT

TeleTrusT

TeleTrust is an IT Security association and network for IT security comprising members from industry, administration, consultancy and research.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

DomainTools

DomainTools

DomainTools is the global leader for internet intelligence and the first place security practitioners go when they need to know.

Raytheon Technologies

Raytheon Technologies

Raytheon Intelligence & Space delivers solutions that protect every side of cyber for government agencies, businesses and nations.

Acuant

Acuant

Acuant is a leading global provider of identity verification, regulatory compliance (AML/KYC) and digital identity solutions.

International Data Sanitization Consortium (IDSC)

International Data Sanitization Consortium (IDSC)

IDSC is a group composed of individuals and companies dedicated to standardizing terminology and practices across the data sanitization industry.

Polygraph

Polygraph

Polygraph monitors the activities of click fraud gangs, including how they operate, who they target, the techniques they use, and how to detect their fraud.

Anametric

Anametric

Anametric is developing new technologies and devices for chip scale quantum photonics, with a focus on cybersecurity.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

Silent Push

Silent Push

Silent Push maps all internet-facing infrastructure with searchable, advanced attributes, generating early indicators of potential threats that are tailored to your environment.

ADNET Technologies

ADNET Technologies

ADNET Technologies is a SOC 2, Type II Compliant IT management and cybersecurity firm.

NinjaOne

NinjaOne

The NinjaOne Platform was built to help IT and MSP teams efficiently manage, patch, and support all endpoints.