Irish Regulator Puts Facebook Data Policies Back in Spotlight –

A draft decision by Irish regulators on Thursday threatened to block Facebook and Instagram from moving data about European Union users to the United States, the latest round in a yearslong dispute about protecting the data of European citizens from American spying.

The order from Ireland’s Data Protection Commission stems from a court decision that said data from Facebook and Instagram users in Europe could not be moved to the United States because the services were subject to American laws that give surveillance agencies access to certain information about international users.

The decision, first reported by Politico, increases pressure on American and European negotiators to finalize a deal, first announced in March, to allow businesses to keep moving digital information across the Atlantic. Meta, which owns Facebook and Instagram, has said it may have to shut down the services in Europe if it is unable to transport data easily.

Meta has been at the center of the debate because it was a subject of a lawsuit that led to a 2020 decision by the European Court of Justice, the highest court in the European Union, that voided an important data-sharing pact between the European Union and the United States. The court said the agreement, known as Privacy Shield, was illegal because of lack of privacy protections from American spying.

The decision was an example of how governments around the world are increasingly setting rules and standards governing how data can move around the globe.

A blackout of Facebook and Instagram in Europe is considered unlikely. Data protection regulators in other European Union countries have a month to voice objections to Ireland’s order. Meta can also appeal the judgment in court. The draft order submitted on Thursday only applies to Facebook and Instagram, not other Meta services like WhatsApp.

The White House has been working to strike a deal to keep data moving. Without an agreement, the operations of thousands of businesses, not just internet firms like Meta, would be thrown into question.

President Biden in March announced a preliminary agreement with Ursula von der Leyen, the president of the European Commission, but the two sides have not reached a final agreement.

Since the 2020 court decision, Meta and scores of other businesses have used a legal mechanism known as “standard contractual clauses” to keep data moving.

The draft order submitted by Irish authorities on Thursday said that mechanism was not sufficient to comply with the European Court of Justice ruling. The decision focused only on Meta this time because the company was already the subject of an investigation about its data-collection practices in Ireland.

Ireland is in charge of regulating Meta’s data practices in Europe because the company has its E.U. headquarters in Dublin.

Meta said it was confident a deal would be reached that would prevent any disruption to its services.

“This draft decision, which is subject to review by European Data Protection Authorities, relates to a conflict of E.U. and U.S. law which is in the process of being resolved,” Meta said in a statement. “We welcome the E.U.-U.S. agreement for a new legal framework that will allow the continued transfer of data across borders, and we expect this framework will allow us to keep families, communities and economies connected.”