Restrictions on personal data protection in the United States do not meet the requirements of EU law.
The EU court of justice overturned the decision of the European Commission 2016/1250, which recognized the adequacy of user data protection under the data protection Shield agreement between the EU and the United States.
On Thursday, July 16.
According to the court, the restrictions on the protection of personal data arising from the national legislation of the United States on the possibility of access to this data by US authorities are not spelled out in this EC decision in such a way that it is equivalent to the requirements of EU law.
The decision is related to a lawsuit by data protection activist Max Schrems from Austria, according to which the standard provisions of the data transfer contract do not guarantee the protection of the privacy of user data in the event of transfer to servers outside the EU вЂ” in the work of companies such as Facebook.
According to the General data protection regulation GDPR, the transfer of user data from the EU to a third country is only possible if the data is properly protected there.
Previously, Facebook leaked the personal data of users. About a hundred developers of Facebook apps were able to access user data because the new rules on user data were not fully implemented and developers were able to circumvent the ban on saving them.