One of the most powerful regulators in the EU has warned that companies could face some massive transatlantic data flows, because of an EU court ruling from last year. Policymakers have taken some steps to avoid the outcome.
Last July, Europe’s highest court ruled an EU-US data transfer agreement invalid. The court cited concerns that the US surveillance regime might not respect the privacy of EU citizens.
Irish Data Protection Commissioner Helen Dixon was involved in the case and said that the full impact would be determined by a soon-to-be-announced ruling in Ireland and efforts by the bloc and US to improve.
The future of data transfer
The July ruling has caused many to wonder whether some transfers of personal data held by companies in the EU to the US would even be possible. Dixon’s office issued a provisional order in August, that Facebook uses to transfer EU user data to the US.
However, the provision cannot be used in practice. It was frozen by the Irish High Court and a decision on that, which Dixon said may be decided in April, will be important in the future of data flows across the Atlantic.
The Irish question
Dixon continued to say that the parallel political efforts to resolve the issue are in the very early stages and generally speaking, removing from that Facebook case, there could be a substantial disruption for individuals and organizations alike.
Ireland, which hosts the EU headquarters for many of the world’s largest internet companies, has been accused of underfunding its data regulator.
Many of the companies are headquartered in Ireland because the corporate tax is low there and they can dodge paying it to the IRS in the US. It remains to be seen what kind of disruptions are going to be experienced.