TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

The Privacy Advisor | ECJ Hears Safe Harbor Arguments Related reading: Commission Gives U.S. 13 Ways To Save Safe Harbor

rss_feed

""

""

5,11, 16

The European Court of Justice (ECJ) today heard arguments on C-362/14, a case originally brought by Austrian law student Max Schrems against Ireland's Office of the Data Protection Commissioner in the Irish courts and then referred up the line to the EU's highest adjudicators. At issue is this: Does the Safe Harbor program adequately protect the rights of EU citizens when "compliant" companies are known to share EU citizen data with U.S. intelligence bodies, such as the NSA? 

Today, a number of voices weighed in on the question, including Schrems, the European Commission, the European Parliament and a individual member states. 

Screen Shot 2015-03-24 at 11.24.01 AM

The European Court of Justice convenes.

At the finish, the ECJ's Advocate General declared an opinion would be rendered by June 24. It is perhaps not an overstatement to say that countless business and government leaders on both sides of the Atlantic Ocean will be gnawing their fingernails in the interim. 

So, do we have an indication as to how the ECJ will rule? Early reactions have been triggered by Schrems, himself, who live-tweeted the proceedings this morning in Luxembourg, including his own arguments. You can read though all of them, plus reactions to his tweets, by following the #CJEU hashtag on Twitter

However, to summarize, Schrems, the Parliament, a number of member states (such as Poland) and advocacy group Digital Rights Ireland argued that the commission, itself, has declared Safe Harbor inadequate, going back as far as 2000, and that it seems clear that the EU cannot with Safe Harbor ensure the protection of its citizens' privacy rights. For example:

The counterargument, presented largely by Ireland and the commission, is that Safe Harbor is a politically and economically necessary framework that is still under negotiation and is best left in the hands of the commission to work toward a better protection of EU citizen rights.

The commission referenced the 13-point plan for reforming Safe Harbor and asked the court to let the process continue to work, so as to retain the ability for commerce to run smoothly in the interim.

However, many commentators are seizing on a particular admission by the commission, when asked by the court, that, no, it cannot guarantee adequate protection of EU citizen data at the moment.

The court seemed to focus on Article 25 of the Data Protection Directive, which "ensures" the protection of citizen data. If the commission cannot ensure that citizen data is protected via Safe Harbor, isn't that a problem?

This line of questioning led Schrems to offer that he'd like to marry this particular judge.

The commission replied that it understands its duty to protect citizen data, that the U.S. has mechanisms in place for enforcing Safe Harbor through the Federal Trade Commission and that it believes it can convince the U.S. to take further steps to allow EU citizens to have redress when they believe their rights have been violated.

In his final pleadings, Schrems emphasized three major points: First, that the commission itself has admitted it doesn't have a way to ensure protection of EU data; second, that U.S. law seems to trump EU law in the Safe Harbor agreement, and, third, the EU has a duty to protect citizen data that must be paramount.

The case is now in the hands of the court, which ended proceedings with the advocate general telling us we've got a three-month wait on our hands:

Look for continuing coverage and reaction in this space.

Editor's Note: In the original version of this piece, the opinion of the Advocate General was conflated with the ruling of the ECJ. While the Advocate General's opinion is influential, the ECJ does not always rule in concurrence with the AG's legal opinion. The story was adjusted slightly to correct this. 

Comments

If you want to comment on this post, you need to login.