Sonicwall Market Segment Skin 160x1200

Sonicwall Market Segment Skin 160x1200

iTWire TV 705x108notfunny

Sunday, 06 February 2022 16:53

Meta threatens to pull Facebook and Instagram from Europe if it can't share data with the US Featured


Meta states in an SEC filing it is considering leaving Europe if it can no longer exchange data from European users with the United States, following the Schrems II decision. This story is evolving, and since publication a response from Meta has been received which confirms the company is concerned it will be unable to share data between the EU and US, but denies its concern is over targeted advertising.

Facebook states in its SEC filing, "if a new transatlantic data transfer framework is not adopted and we are unable to continue to rely on Standard Contractual Clauses [now also subject to new judicial scrutiny] or rely upon other alternative means of data transfers from Europe to the United States, we will likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe, which would materially and adversely affect our business, financial condition, and results of operations."

The filing continues to say such legislation "may also result in limitations on our advertising services"

The comments are in relation to the Schrems II decision, which is a key ruling by the Court of Justice of the European Union which, in July 2020, declared the Privacy Shield, the EU/S personal data transfer mechanism was no longer lawful. The Privacy Shield is US law that provided US authorities with the right to collect personal data about EU data subjects without, the Court says, adequate safeguards. Further, the judgement states EU data subjects lacked effective means to seek redress against the US Government.

This action itself harks back to 2011 when Austrian lawyer, activist, and author Maximillian Schrems pored through 1,222 pages of information Facebook held about him. He discovered details he believed he had deleted, and others he had not consented to be shared and lodged a complaint with the Irish data protection commissioner (as Facebook falls under Irish Jurisdiction, where it settled for tax reasons).

Fast forward today and with the European General Data Protection Regulation (GDPR) well in force, the US Privacy Shield principles were found non-compliant and consequently invalid.

The Schrems II ruling affects every American company, and not solely Facebook. It includes Google, Microsoft, and Amazon whose cloud services form the backbone of most of the Western World’s Internet. As such, the road to Schrems II will be a long and slow one as courts and industry navigate their way through the ramifications of the judgement.

Previously, Google Analytics and Google Fonts have been before the court where it was asserted that Google Fonts was sending personal data such as IP address to another service without permission, and without a clear and valid reason to do this.

While some fear Europe will alienate itself from the major cloud providers, and the Google Fonts ruling sets a precedent in cases where content is served from a content distribution network or CDN, there are other legal regimes in place that are approved to send EU data to the US. While Schrems II invalidates Privacy Shield, the legal protections afforded to Standard Contractual Clauses and Binding Corporate Rules continue to be in effect.

Nevertheless, Facebook is threatening it will simply pull out of Europe altogether if it is no longer able to share data about European users with its US operations, applications, and data centres. While the European Court of Justice states personal data is less well-protected in the US than in Europe, Facebook says (via stopping transatlantic data transfers will have a devastating impact on the company, which relies on the processing of user data to power its targeted online advertisements capabilities.

Meta's response

A Meta spokesperson advised iTWire, "We have absolutely no desire and no plans to withdraw from Europe, but the simple reality is that Meta, and many other businesses, organisations and services, rely on data transfers between the EU and the US in order to operate global services. Like other companies,we have followed European rules and rely on Standard Contractual Clauses, and appropriate data safeguards, to operate a global service. Fundamentally, businesses need clear, global rules to protect transatlantic data flows over the long term, and like more than 70 other companies across a wide range of industries, we are closely monitoring the potential impact on our European operations as these developments progress.”

Meta highlights the relevant excerpt from its SEC filing says, "We are also subject to evolving laws and regulations that dictate whether, how, and under what circumstances we can transfer, process and/or receive certain data that is critical to our operations, including data shared between countries or regions in which we operate and data shared among our products and services. For example, in 2016, the European Union and United States agreed to a transfer framework for data transferred from the European Union to the United States, called the Privacy Shield, but the Privacy Shield was invalidated in July 2020 by the Court of Justice of the European Union (CJEU). In addition, the other bases upon which Meta relies to transfer such data, such as Standard Contractual Clauses (SCCs), have been subjected to regulatory and judicial scrutiny."

"For example, the CJEU considered the validity of SCCs as a basis to transfer user data from the European Union to the United States following a challenge brought by the Irish Data Protection Commission (IDPC). Although the CJEU upheld the validity of SCCs in July 2020, our continued reliance on SCCs will be the subject of future regulatory consideration. In particular, in August 2020, we received a preliminary draft decision from the IDPC that preliminarily concluded that Meta Platforms Ireland's reliance on SCCs in respect of European user data does not achieve compliance with the GDPR and preliminarily proposed that such transfers of user data from the European Union to the United States should therefore be suspended. Meta Platforms Ireland challenged procedural aspects of this IDPC inquiry in a judicial review commenced in the Irish High Court in September 2020. In May 2021, the court rejected Meta Platforms Ireland's procedural challenges and the inquiry subsequently recommenced."

"We believe a final decision in this inquiry may issue as early as the first half of 2022. If a new transatlantic data transfer framework is not adopted and we are unable to continue to rely on SCCs or rely upon other alternative means of data transfers from Europe to the United States, we will likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe, which would materially and adversely affect our business, financial condition, and results of operations."

To be clear, Meta states to iTWire its concern over Schrems II is not targeted ads but is about the company's ability to transfer data securely and safely between the US and EU.

iTWire has asked further clarifying questions and will update this story when able.

Read 7740 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News