The first days of 2021 had news outlets across the world displaying headlines about recent developments in privacy of the American tech giants. If you yourself are using their services, do read on, as these developments can have a big impact on you, the privacy of your company, and your customers.
Facebook EU data move
Facebook Inc will shift all its users in the United Kingdom into user agreements with the corporate headquarters in California, moving them out of their current relationship with Facebook’s Ireland and out of reach of Europe’s privacy laws.
The change takes effect next year and follows a similar move announced in February by Google. Those companies and similar tech giants have European head offices in Dublin, and the UK’s exit from the EU will change its legal relationship with Ireland, which remains in the Union.
Experts stated the problem boils down to whether the UK can obtain an “adequacy decision” with the EU which would guarantee that EU citizens’ data would be protected with the same rigor in the UK as in the EU under GDPR. Such a lack of an adequacy decision by the EC would have a large impact on businesses dealing with the UK, as it introduces hurdles for EU-UK transfer of personal data.
Privacy advocates fear the UK may move to a looser data privacy regime, especially as it pursues a trade deal with the United States, which offers far fewer protections. Some also worry that UK Facebook users could more easily be subject to surveillance by U.S. intelligence agencies, as the U.S. Cloud Act, passed in 2018, set a way for the UK and United States law-enforcement agencies to smoothen data exchange about cloud computing users.
This access by intelligence agencies was exactly the subject of the well-known CJEU cases by Max Schrems, that invalidated the EU-US Privacy Shield, making most EU-US data transfers illegal overnight. PrivacyPerfect can offer help and clarification with such issues.