In the wake of revelations about NSA snooping, Europe's highest court is set to re-evaluate the rules around international data transfers. A European commission decided in 2000 that personal information could be sent across borders, provided countries abided by certain principles. But an Austrian group of privacy advocates claims Edward Snowden's revelations show the NSA wasn't abiding by those rules.
Are "safe harbor" agreements from 2000 still relevant?
Last year, Europe-v-Facebook filed a complaint with the Irish Data Protection Commissioner. The complaint asked the commissioner to examine whether the United States had violated so-called "safe harbor" agreements by allowing the National Security Agency to intercept personal Facebook data sent into the country. The agreements, approved by both the U.S. and E.U., allow data to be sent into the U.S., provided the data is protected within the standards set by European law.
The commissioner declined to pursue the request, and Europe-v-Facebook took the complaint up with the Irish High Court. (Facebook's European subsidiary is registered in Ireland, and the High Court holds jurisdiction there.) Today, they made a ruling: the complaint will be kicked up to the Court of Justice of the European Union (CJEU), the highest court in the E.U.
The court was asked to focus specifically on whether the safe harbor agreements should be re-evaluated, but that could be enough to have consequences for data shipped across the pond.