In a landmark judgement today, the EU Court of Justice has ruled that current data-sharing arrangements between the EU and US are invalid in the wake of mass surveillance of EU citizens by the National Security Agency (NSA).
The case was brought by Austrian citizen and privacy campaigner Max Schrems, who claimed that Facebook should not be allowed to transfer his personal data from Ireland to data centres in the US as EU data protection rules are not respected there.
Under the current EU-US Safe Harbour agreement, American companies are permitted to transfer the private data of European citizens to the US if they self-certify that they are following certain steps to protect their customers' privacy. This is based on the assumption that the US provides similar levels of data protection as the EU. However, Edward Snowden's revelations on mass surveillance by the NSA have thrown the agreement into question.
Today's ruling will have a significant impact on US tech companies operating in the EU and will also influence the ongoing talks between the European Commission and US on renegotiating the Safe Harbour agreement.
Liberal Democrat MEP Catherine Bearder commented:
"This is a historic victory against indiscriminate snooping by intelligence agencies, both at home and abroad.
"In a globalised world, only a strong and binding international framework will ensure our citizens' personal data is secure.
"Being part of the EU means we can fight for strong safeguards that protect UK citizens' freedom and privacy.'"