Brussels — The Irish High Court will begin hearing a data transfer case tomorrow, 7th February, that questions the validity of one of the few legal instruments European and international companies rely on for data transfers from Europe to third countries such as the United States. The Irish Data Protection Commissioner is asking the Irish High Court to refer the case to the Court of Justice of the European Union (CJEU) to determine the validity of “standard contractual clauses” (SCC).
EU law restricts the transfer of personal data from the European Economic Area (EEA) except for a few legal mechanisms that companies can use. SCCs, as set by the European Commission, are among the most commonly used of these mechanisms. The clauses impose contractual responsibilities on companies when transferring data to safeguard consumers.
Following the CJEU’s “Safe Harbour” ruling in 2015, Maximillian Schrems complained to the Irish Data Protection Commissioner that SCCs do not provide users with sufficient privacy safeguards under EU law. Since then, the EU-U.S. Privacy Shield has been adopted and it provides a number of new privacy safeguards for all types of EU-U.S. data transfers, which would seem to address Mr. Schrems’ concerns.
The Computer & Communications Industry Association has been a longtime advocate for stronger privacy safeguards and the need for data transfers between the E.U. and the rest of the world. The following can be attributed to CCIA Europe Director, Christian Borggreen:
“European and international companies rely on this legal mechanism for their data transfers from the EU to the world. We hope the Irish High Court will take note of the new privacy safeguards for data transfers to the U.S. and not defer the question to the CJEU. Europe must not become a disconnected continent in a global digital economy.”