Today, Advocate General Yves Bot advised the European Court of Justice that the US-EU Safe Harbor framework for the protection of trans-Atlantic transfers of personal data is invalid. The long awaited Opinion of the Advocate General in the so-called “Schrems case” (Case C-362/14 Maximilian Schrems v. Data Protection Commissioner) has now been published.
The case concerns the transfer of Mr. Schrems’ personal data by Facebook Ireland to servers located in the United States. Mr. Schrems claimed that his personal data was unlawfully exposed to surveillance measures by the United States’ intelligence services. Mr. Schrems filed a complaint with the Irish Data Privacy Authority, which refused to investigate the matter, based on its opinion that it was bound by the EU Commission Decision establishing the US-EU Safe Harbor framework. Mr. Schrems filed for judicial review of the Irish DPA’s finding with the Irish High Court. Upon review, the Irish High Court asked the European Court of Justice to determine whether a data protection authority is bound by a Commission finding that the US-EU Safe Harbor framework provides adequate protection in the face of a complaint alleging it does not, and additionally, if the data protection authority may or must conduct an independent investigation of the matter.
Surprisingly, Advocate General Bot took the view that national data protection authorities are not necessarily bound by the EU Commission Decision establishing the US-EU Safe Harbor framework and may decide independently to suspend an international data transfer. More generally, the Advocate General expresses doubts as to the ability of EU citizens to obtain effective judicial protection once their personal data is transferred to the US. The Advocate General considers that the US-EU Safe Harbor framework does not compensate for the United States’ lack of ability to ensure an adequate level of protection for trans-Atlantic transfers of personal data. Accordingly, he recommends the ECJ to invalidate the US-EU Safe Harbor framework.
The Advocate General’s Opinion is not binding on the Court of Justice. However, in practice, the Court of Justice tends to follow the Advocate General opinions. Judgment will be given within the coming months.
The Opinion is available here.