Earlier this week, the Irish equivalent of the CNIL asked Facebook to stop sending personal data of European consumers to the United States. In a press release, the social network explains that it would be very impossible for it to maintain its services in Europe under these conditions. He therefore asks for more flexibility on this decision. He also opens the discussion to find a solution that everyone is satisfied with.
What is the primary purpose of Facebook? Reconnecting people to the Internet who may have lost sight of each other over the years. And this is not just about a region of the world, a country or a city, but the whole planet. A childhood friend now lives on the other side of the globe? You can contact him, reconnect and exchange. For this, the data of the two users must meet. And where do they meet? In the USA, at Facebook!
Read also – Facebook News: the personalized press review arrives in France
However, the Irish regulator in charge of data protection (Data Protection Commission, equivalent of the French CNIL) now demands that all data from European users not leave the European Union. Basically, this means that a French’s data cannot end up on Facebook’s American servers. However, the social network, like the Instagram it owns, relies on precisely these data exchanges.
The reason for this request: Privacy Shield is not sufficient to ensure data security when transferring between Europe and the United States. In addition, social networks are closely watched. How can we ensure that the personal information of Europeans will remain… personal.
A word of appeasement but no solution
Earlier this week, we reported in our columns that, faced with this decision, Facebook threatened to leave Europe, thus blocking the connections to Instagram and Facebook of its 400 million European internet users. Upsets among European advertisers, influencers and self-employed people who rely on Facebook and Instagram. A few hours later, a press release calmed the discussions, but provided no solution.
In it, Facebook confirms not wanting to leave Europe. But the American firm explains that it would prefer that the rules imposed by a regulator could be written taking into account the economic reality: we are in a global ecosystem. Impossible to cut off a region from the rest of the world.
A need to protect which isolates Europe?
Facebook therefore asks that the demands of the Irish DPC do not be so categorical. Of course, offering a company the option of deviating from a rule makes the rule almost useless: to ensure free competition, it is not possible to offer an alternative to one actor without offering it to all the others.
There is, however, a background of economic truth in Facebook’s press release: it is impossible to prevent data transfers between Europe and the United States, or between Europe and other parts of the world (even if the root of the problem is data security in the United States). On the contrary, they must be encouraged in a global economic system, while ensuring the security of personal information, both in the transfer (which Privacy Shield was supposed to do) and in the use of the data made from it.
In fact, there are too many important services that depend on the Europe / United States connection.
Because, the problem is that there are too many professional and consumer services that depend on this cross-border connection. This is all the more true since the start of the year and the health crisis. Video conferencing system. VOD platform. Entertainment service. Simply accessing the Play Store to install an Android app or update iOS or Windows requires personal data transfer between Europe and the United States that allows the download.
Facebook reconfirms the comments of its personal data manager before the Irish court: it is impossible today to offer its services respecting the decisions of the Irish DPC. On the other hand, the American firm opens a dialogue with the European authorities in order to develop a system which reconciles the technical needs of the applications and the data security requirements. But creating this new system is a ” long term project “. It remains to be seen what the Irish regulator will have to respond to this speech.