Facebook faces tougher privacy regulations in Europe


The European Court of Justice has ruled that the European Commission had no business making agreements on privacy regulations for all member states, which now means that Facebook and other social media sites must now adhere to Belgium’s strict privacy regulations

“Great deal of uncertainty”

Facebook and other internet concerns face tougher legislation over their use of private information, following a ruling of the European Court of Justice in Luxembourg this week.

The court ruled that the agreement on privacy protection between the US and the EU – the Safe Harbour rules dating from 2000 – is unlawful. The European Commission exceeded its authority, the court said, when it made decisions on behalf of the member states.

The rules allowed American companies, including Facebook, Apple and Google, to transfer data on European customers for storage in the US. The agreement was an exception to the general rule that data may not be transferred to any country with privacy rules that are less stringent than the EU. The new ruling means that the exception is no longer valid, leaving it open to member states to impose their own conditions on internet companies.

For Bart Tommelein, federal minister for privacy protection (pictured), the European Court’s ruling is a confirmation of what he made clear to Facebook earlier this year. “My misgivings over Facebook’s privacy rules seem to have been justified,” he said. “There is a great deal of uncertainty as to whether Facebook users are sufficiently protected. This means that Facebook has to abide by the rules of Europe, and Belgium.”

Facebook Europe said it was “absolutely essential for the European and American governments to ensure there are reliable conditions for the lawful transfer of data, and that questions of national security are resolved”.

The case was originally filed by Max Schrems, an Austrian national, via a complaint to data protection authorities in Ireland, challenging the transfer of European data to the US. He brought the case following revelations by whistle-blower Edward Snowden that the National Security Agency in the US was routinely screening the data traffic.

The various data protection authorities of the EU member states, including Belgium’s privacy commission, were due to meet today to discuss next steps. In the meantime, according to Tommelein, Facebook will have to adjust its behaviour. “Facebook will very clearly have to take steps to ensure the protection of people’s privacy,” he told VRT, “and we will be watching carefully to see they do.”

Photo courtesy VRT