Facebook-owner Meta, Google, and others face key Irish data privacy ruling
Meta’s business model, like that of Google, relies on collecting enough data to discern what users might be interested in or want to purchase, and to serve them relevant ads.
The stark warning by Facebook-owner Meta Platforms of a retreat from Europe may just be the start, as Ireland's Data Protection Commission prepares a decision that could paralyse transatlantic data flows and risk billions in revenue for tech giants.
The Irish data watchdog, which polices the US tech giants that have flocked here, is soon to weigh in on the legality of so-called standard contractual clauses used by Meta, Alphabet-owned Google, and others to legally transfer swathes of user data to the US for processing.
Privacy experts say the imminent decision could eliminate one of the only remaining options for Meta and potentially thousands of other companies that rely on shipping vast amounts of commercial data across the Atlantic.
The Irish authority already cast doubt on the legality of the clauses in an interim opinion, saying they failed a key test of protecting European citizens from the prying eyes of US agencies.
Such is the tension around the ruling, that Meta warned in its latest annual report that it will “likely be unable” to offer services including Facebook and Instagram in the EU if it’s unable to use the clauses.
Facebook produced $8.2bn (€7.2bn) in revenue in Europe over the last quarter of 2021, about a quarter of global revenue.
While the UK will count for a significant portion of that and will not be impacted by the ruling on clauses, the EU is a serious money maker for Meta, beaten only by its home market of the US and Canada.
There is no easy work-around because European data rules follow a person’s information, no matter where it is.
Meta’s business model, like that of Google, relies on collecting enough data to discern what users might be interested in or want to purchase, and to serve them relevant ads.
“What’s at stake here are the entire data transfers to the US and the services that depend on them,” said Johannes Caspar, an academic who recently stepped down as one of Germany’s top data protection regulators.
Despite its latest comments in its annual report that it would “likely be unable” to offer Facebook and Instagram in Europe if regulators ruled that clauses were unfeasible, Meta has also stated — most recently in a blog post that it’s “absolutely not threatening to leave Europe” — a plea that Nick Clegg, now Meta’s leading policy executive, originally made in September 2020.
Google pointed to a January blog post by Kent Walker, its head of global affairs which called for a rapid end to the impasse over a replacement to a EU-US privacy pact that was struck down by the EU’s top court in 2020 over longstanding fears that citizens’ data wasn’t safe from American surveillance.
The controversy over data transfers stretches back to 2013, when Edward Snowden exposed the extent of spying by the US National Security Agency.
A surprise 2020 ruling by the EU’s highest court toppled the so-called Privacy Shield, a trans-Atlantic transfer pact, over longstanding fears that citizens’ data wasn’t safe from American surveillance.
But while the separate, contract-based system was upheld, the EU Court of Justice’s doubts about American data protection already made this a shaky alternative too.
“For many companies it is virtually impossible to fully comply” with the 2020 EU court ruling, said Tom De Cordier, a technology and data protection lawyer at CMS DeBacker in Brussels.
Should the Irish authority double down on its interim opinion over the contractual clauses, the doomsday scenario for Meta and its rivals of a tech blackout has started to emerge.
The Irish authority’s decision “could now be a precedent which will cause the whole situation to slide”, said Mr Caspar.
“It’s up to politicians in the US to avoid plunging their tech industry into chaos.”
- With assistance from Aoife White. Bloomberg
CONNECT WITH US TODAY
Be the first to know the latest news and updates
