In mid-2020, the European Court of Justice pulled the existing Privacy Shield, the existing data transfer arrangement between the U.S. and EU, because it feels it doesn’t protect the privacy of European citizens adequately.
- Zuckerberg threatens to pull Meta from Europe if it can’t transfer user data from Europe to the U.S.
- Europe called the giant corporation’s bluff when Euronews quoted France’s Finance Minister as having said, “I can confirm that life would be very good without Facebook.”
In early February 2022, the parent company of Facebook and Instagram, Meta, said in its annual report that it’s considering shutting down in the European Union. This threat comes as regulators in the Union are drawing up legislation about how data from EU citizens is transferred to America.
Another European Standoff for Facebook
The EU Court of Justice canceled the previous pact called the Privacy Shield in 2020. The reasons were concerns that the personal data of European citizens were not protected from U.S. government surveillance when taken across the Atlantic. Furthermore, the court said that European citizens had no way to effectively counter any inappropriate access to their private information.
A couple of months after the EU court’s decision, Ireland’s Data Protection Commission also began investigating the social media giant’s data transfers from the EU to the U.S. Despite threatening to pull Facebook and Instagram from Europe in its previous report to the SEC, Meta has not threatened to pull WhatsApp, a top-rated service on the European continent.
Importance of Data Agreements
The absence of a new agreement leaves many companies in legal limbo and with several regulatory risks, especially since U.S. Congress does not seem particularly eager to address the concerns coming from Europe. The threats from Meta in its past two annual reports appear to be a way of getting regulators to take action sooner rather than later. The sooner things are cleared up for businesses; the better data flows are protected, particularly transatlantic ones.
According to this report from CNBC, Facebook issued a statement saying: “In the absence of a new transatlantic data transfer framework, we are unable to continue to rely on SCCs (standard contractual clauses) or other alternative means of data transfers from Europe to the United States.
Unfortunately, this means that we will be unable to offer some of our most significant products and services to Europe, including Facebook and Instagram.” The company also warned that this would hurt their business results and finances.
What Europe Says
In a message via Twitter, European lawmaker Axel Voss, one of the legislators in previous EU data protection legislation, said that the EU would not allow Meta to blackmail its data protection standards. He also added that it would be at their loss if they withdrew.
Germany’s new economic minister, Robert Habeck, also offered his opinion, saying that he thought life without Meta “is fantastic.” He said he has lived without Meta’s two platforms for over four years since he was hacked. French Finance Minister Bruno Le Maire joined in the argument against Meta and agreed with his German counterpart.
What will Meta do?
Since Meta’s annual report, a spokesperson told CNBC that the company does not desire a European withdrawal. However, the company has continued to raise concerns hoping that organizations relying on data transfers between the two continents will continue doing business.
In the meantime, Ireland’s Protection Commission is due to make a final decision on the use of standard contractual clauses before mid-2022. If they deem these clauses illegal for transferring data, Facebook will have to silo most of the data collected from its EU users. In addition, it will face a fine from the Irish Data Protection Commission on its annual revenues if it does not comply.
Reaching a fully compliant arrangement can take time since these are complex. However, one can only hope that discussions between the two companies will balance the interests of concerns about both national security and privacy.