Advocate General Yves Bot believes the 'Safe Harbor' agreement in which Facebook data can be transferred from EU countries to servers in the US is "invalid".
The Safe Harbor agreement, designed to protect people's personal data is deemed by the Advocate General to be invalid because it can't guarantee that the National Security Agency (NSA) won't spy on swathes of European citizen's data which is transferred to US servers.
AG Bot proposes that EU-US #SafeHarbor decision be declared invalid in #Schrems case http://t.co/B0sMPtNgss
— EU Court of Justice (@EUCourtPress) September 23, 2015
The adviser also notes that because there is no independent authority monitoring the US security agencies, principles for the protection of personal data are being breached.
Bot it also believes that because surveillance carried out by the National Security Agency (NSA) is on a massive scale, indeed "indiscriminate", it allows NSA access "without any differentiation, limitation or exception".
Yves Bot, therefore, considers the Commission's previous ruling that a third country ensures adequate protection of personal data is invalid — and that each country in Europe has the right to protect its citizens data from US surveillance.
*YAY* AG at the #CJEU: #SafeHarbor is invalid. Irish #DPC has a duty to investigate. Further details as soon as we get the written version.
— Max Schrems (@maxschrems) September 23, 2015
The advice handed out involves the case of Max Schrems and 25,000 other social networkers, who are suing Facebook for tracking their data and breaching their right to privacy.
These include the alleged illegal tracking of their data under European Union law — and Facebook's involvement in the PRISM surveillance program by the UNSA revealed by ex-contractor Edward Snowden.
#Facebook now again claims that it odes not participate in #PRISM. Our response in the FAQs: http://t.co/pls4NyQ0OQ #SafeHarbor
— Max Schrems (@maxschrems) September 23, 2015
The European headquarters of Facebook, like Google, are registered in Dublin. Schrems and the social networkers are subsequently able to file the case because under EU law, all member states have to enforce court rulings from any other member states.
The Irish Data Protection Commissioner rejected the complaint but the case was referred to the European Court of Justice after Schrems appealed.
"It is apparent from the findings of the High Court of Ireland and of the [European] Commission itself that the law and practice of the United States allow large-scale collection of the personal data of citizens of the EU which is transferred, without those citizens benefiting from effective judicial protection," Bot said.
Herwig Hofmann, a lawyer for Max Schrems said he was "delighted" about the Advocate General's opinion:
"If the United States doesn't change its laws in order to guarantee a minimum of data protection to European citizens, US companies will have to process their data in the EU."
The Advocacy General Opinion is not binding — but they are hardly ever overruled and followed by the European Court of Justice judges, who are still considering the complaint about the Safe Harbor system in the wake of revelations of mass surveillance from NSA whistleblower Edward Snowden
