Meta says in a Securities and Exchange Commission filing that it is considering leaving Europe if it can no longer exchange European user data with the United States, following the Schrems II decision.
The Schrems II decision is a key judgment of the Court of Justice of the European Union which, in July 2020, declared that the Privacy Shield, the personal data transfer mechanism of the EU and the United States, was no longer legal.
The Privacy Shield is a US law that gave US authorities the right to collect personal data from EU data subjects, according to the Court, without adequate guarantees.
Furthermore, the ruling affirms that the EU data owners lacked effective means to claim against the US government.
This action dates back to 2011, when the Austrian lawyer, activist and writer Maximillian Schrems reviewed the 1,222 pages of information that Facebook had about him. He discovered data that he believed he had deleted and others that he had not consented to be shared and lodged a complaint with the Irish data protection commissioner.
Today, with the General Data Protection Regulation (GDPR) in force, the principles of the US Privacy Shield have been declared non-compliant and therefore invalid.
Europe prepares a new data protection law
The Schrems II ruling affects all US companies, not just Facebook. Includes Google, Microsoft, and Amazon, whose cloud services make up most of the Internet in the Western world.
Previously, Google Analytics and Google Fonts were in court, where it was stated that Google Fonts sent personal data, such as IP address, to another service without permission and without a clear and valid reason to do so.
Although Schrems II invalidates the Privacy Shield, the legal protections offered by the Standard Contractual Clauses and the Binding Corporate Rules remain in force.
The scams on Facebook, Twitter and Instagram reached a historical record: 690 million euros
However, Facebook is threatening to withdraw from Europe if it cannot continue to share European user data with its US operations, applications and data centers.
While the European Court of Justice affirms that personal data is less protected in the United States than in Europe, Facebook affirms that the interruption of transatlantic data transfers will have a devastating impact in its advertising capacity.