Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

Facebook applies to join safe harbour proceedings

Facebook has applied to join judicial review proceedings at the High Court in Dublin over the way Ireland's data protection commissioner (DPC) handled concerns about Facebook's data transfer arrangements, a spokesman for the company told the Irish Independent.  21 Oct 2015

Earlier this month Court of Justice of the EU (CJEU) ruled that the 'safe harbour' framework for EU-US data transfers currently used by Facebook, along with many other companies, is "invalid".

The CJEU's judgment came in a case referred to it from the High Court in Dublin. The Irish court has been reviewing a complaint raised by Austrian privacy advocate Maximillian Schrems about the way Ireland's DPC handled his privacy concerns over Facebook. It will now continue its review, following the CJEU decision.

"We will request an opportunity to join the proceedings in the Irish High Court where the Irish DPC’s investigation is to be discussed," the Facebook spokesperson told the Irish Independent. "We believe it is critical that we join the proceedings so that we can provide accurate information about our procedures and processes, as well as to correct inaccuracies that already exist."

The Article 29 Working Party, the advisory body comprising representatives from each of the 28 EU data protection authorities, has responded to the CJEU ruling by calling for EU member states and institutions to open discussions with US authorities to find solutions to allow data transfers from the EU to the US by the end of January.

EU regulators "consider that it is absolutely necessary to have a robust, collective and common position on the implementation on the judgment", the working group said.

Until a new agreement is reached, companies can continue to use standard contractual clauses and binding corporate rules, other recognised ways of transferring data to non-EU countries, to provide protection for subjects of data collection and transfer, Article 29 said.