According to privacy experts, the impending ruling could eliminate one of Meta’s only remaining choices, as well as those of hundreds of other organizations that rely on transferring massive volumes of commercial data over the Atlantic.
The strong warning from Meta Platforms Inc. of a withdrawal from Europe may be only the beginning, as one of the region’s major privacy watchdogs prepares a ruling that could stymie transatlantic data flows and cost tech titans billions of dollars in income.
The Irish data protection authority, which polices the Silicon Valley tech behemoths that have flocked to the country, will soon rule on the legality of so-called standard contractual clauses used by Meta, Alphabet Inc.’s Google, and others to legally transfer vast amounts of user data to the United States for processing.
According to privacy experts, the impending ruling could eliminate one of Meta’s only remaining choices, as well as those of hundreds of other organizations that rely on transferring massive volumes of commercial data over the Atlantic.
In an interim ruling, the Irish authority questioned the constitutionality of the SCCs, stating they failed basic criteria of protecting European residents from the prying eyes of US agents.
Because of the uncertainty surrounding the verdict, Meta cautioned in its most recent annual report that it will “likely be unable” to offer services such as Facebook and Instagram in the EU if it is unable to employ SCCs.
There is no simple solution. Storing data in Europe may not be possible for any service reliant on global customer interactions, from gaming to video streaming, because European data standards apply to a person’s information regardless of where it is.
Meta’s business strategy, like Alphabet’s Google, is based on gathering enough data to determine what consumers might be interested in or want to buy and then serving them relevant adverts. The corporation is already restricted by Europe’s privacy restrictions, and a ban on SCCs would most likely make its business model more expensive and inefficient to operate.
“What’s at danger here are the entire data transfers to the United States and the services that rely on them,” said Johannes Caspar, a scholar who just resigned as one of Germany’s top data protection authorities.
Despite its latest comments in its annual report that it would “likely be unable” to offer Facebook and Instagram in Europe if regulators ruled that SCCs were unfeasible, Meta has also stated — most recently in a blog post that it is “absolutely not threatening to leave Europe,” a plea that Nick Clegg, now Meta’s leading policy executive, first made in September 2020.
“Ongoing uncertainty regarding data transfers affects a huge number of businesses and organizations in Europe and the United States,” a Meta spokeswoman stated in an emailed response.
“The basic truth is that we all rely on data transfers to run worldwide services.” “We require a long-term solution to EU-US data exchanges in order to keep people and economies connected and transatlantic trade protected,” they stated.
Google cited a January blog post by Kent Walker, the company’s head of global affairs, in which he called for a quick resolution to the impasse over a replacement for an EU-US privacy pact that was struck down by the EU’s top court in 2020 due to long-standing concerns that citizens’ data was vulnerable to American surveillance.
“The stakes are too high, and international trade between Europe and the United States is too crucial to the livelihoods of millions of people,” he said.