The Irish Data Protection Commissioner (DPC) Helen Dixon, the EU's privacy watchdog, initially refused to investigate Facebook for its illegal movement of data back to the US. This was because of existing agreements which made them legal for companies to do so.
However, Europe's highest court ruled that Ireland, where Facebook's European headquarters is located, is to further investigate the matter. Irish authorities have delegated the matter to the DPC and Dixon's office has promised to take on the investigation.
This landmark ruling is one of the European Court of Justice (ECJ) biggest cases yet and it continues the complaint of Austrian privacy activist Max Schrems against Facebook, according to RTE News. Schrems alleged that according to the Snowden leaks, his data was not being adequately protected by US authorities under the "Safe Harbour" agreement.
This agreement allowed the exportation of data of EU citizens provided that US authorities took steps compliant to EU standards. The Snowden leaks showed that companies like Google, Facebook, and Microsoft were compelled by the National Security Agency (NSA) to share personal data of its European users under a program called PRISM, SC Magazine noted.
"Safe Harbour" has since been invalidated and a three-month deadline was announced for a new version that is sufficient to both sides. Otherwise, other legal methods like standard contractual clauses and binding corporate rules should prove sufficient to companies which rely on "Safe Harbour."
Mr. Schrems has expressed his satisfaction with the progress of the investigation. DPC Helen Dixon has also come out with a statement saying she welcomes the ruling and will proceed "with all due diligence."
Facebook also came out with statement saying that they too welcome the decision as it allows them to "correct what it said were inaccuracies about its reported procedures and processes," The Next Web reported.
Is this ruling the most important decision for European data protection yet? Share this article if you agree!