In what is likely to prove the biggest surveillance fallout since the Snowden revelations, the European Court of Justice has revoked a deal that enabled US technology firms to transfer personal information in bulk to the US.
Under the EU Safe Harbour ruling, US firms can transfer data from their European subsidiaries providing that the information remains secure. However, following the exposure of the NSA’s mass surveillance operations, this protection cannot be guaranteed.
As a result of the ECJ ruling, many high profile technology firms have amended their terms of service in the hope that they can carry on operating as usual. However, some industry experts are predicting major ramifications. EU citizens could now potentially request that their data is not sent to the US and the confusion over how to interpret the ruling could prove damaging to Europe’s digital economy, particularly for small to medium-sized businesses.
Speaking to The Financial Times, Penny Pritzker, the US commerce secretary said that the EU ruling creates “uncertainty for both US and EU companies and consumers, and puts at risk the thriving transatlantic digital economy.”
The relationship between the EU and the US is also certain to be affected by the rejection of the Safe Harbour legislation, with agreements ongoing regarding transatlantic data transfers and the Transatlantic Trade and Investment deal.
The EU’s decision to investigate the privacy of its citizens began when Maximillian Schrems, an Austrian national, lodged a complaint against the Irish Data Protection Commissioner for failing to protect his Facebook data from US surveillance. However, the Irish Commission believed that it was unable to take action due to the Safe Harbour ruling.
Read more: EU’s data sharing deal with US questioned
Although privacy advocates are sure to be delighted at the decision taken by the ECJ, many have accused the EU of hypocrisy as it is not only US surveillance programmes that pose a threat to civil liberties.