European Court hearing into EU-US data transfer system will not happen for at least 18 months

By Kevin Cahill

The European Court of Justice may not have a hearing into crucial questions about the legality of the EU-US data transfer system for at least 18 months according to a spokesperson for the Court.

On 2nd May the Irish High Court’s Judge Caroline Costello sent 11 controversial questions about data transfers to the US, to the EU’s highest Court in Luxemburg.

These included a query as to whether the ‘Privacy Shield’ agreement is valid. The questions are currently being translated into the 24 official languages of the EU.

An adverse response by the Court could have implications the recently introduced GDPR legislation and leave some US internet companies facing huge compensation claims under earlier laws.

The European Court of Justice must hear all parties to the litigation in Dublin, that gave rise to Judge Costello’s questions, as well as various EU bodies, a spokesman confirmed to Computer Weekly.

One of the Dublin defendants was Max Schrem’s, the Austrian privacy campaigner. He was, in effect, put in the dock in Dublin alongside Facebook, against whom he had complained, by the Irish Data Commissioner.

The case could see Schrems facing 69 legal teams, including 28 teams from the EU Member states, 28 teams from the 28 independent EU data regulators. Another 9 teams from the original corporations found to be engaged in “mass and indiscriminate surveillance” and 4 other legal teams, including the US Government, from the Dublin litigation.

The 56 legal teams from the EU and the Regulators will all be funded by the EU taxpayer, and from current indications, will be siding with the US Government in trying to persuade the Court to ignore the questions. Rather than face the spectacle of a lone Schrems as the only champion of 504 million EU citizens privacy rights, the Court is likely to order some kind of consolidation of the litigants.

Schrems has recently launched a $3.8 billion law suit against Facebook and Google in the Austrian, Belgian and German courts under the new GDPR legislation.

These complaints may be referred to the Irish Data Commissioner Helen Dixon, who regulates Facebook and Google across all 28 EU member states.

Schrems has complained that Irish litigation costs are “insanely high”. He is still waiting to have his original complaint to the Irish Regulator from 2011, reformulated in June 2013, fully investigated as ordered by the Irish High Court and the European Court of Justice.

Data Center
Data Management