May 23, 2023

Washington – The Reform Government Surveillance (RGS) coalition today released a statement responding to the final decision issued by the Irish Data Protection Commission, which announced yesterday that it had concluded its inquiry into Facebook data transfers between the United States (U.S.) and the European Union (EU), finding that Meta transferred personal data from the EU to the U.S. in ways that were not consistent with the EU’s General Data Protection Regulation following a ruling by the Court of Justice of the European Union. The decision concerns Meta’s use of legal instruments relied on by thousands of other U.S. and European companies to conduct EU-U.S. data transfers. The decision includes a $1.3 billion (€1.2 billion) fine, gives Meta five months to suspend data transfers between the U.S. and EU, and six months to relocate EU data that is overseas back to the EU.

“This decision makes clear the urgent need to finalize implementation of the EU-U.S. Data Privacy Framework that was first announced in March 2022, and to bring stability to transatlantic data flows. The RGS coalition urges the U.S. government to swiftly take the final steps necessary to operationalize the protections guaranteed under E.O. 14086 on Enhancing Safeguards for United States Signals Intelligence Activities, and the European Commission to issue a final adequacy decision. 

“The order to suspend Facebook’s EU-U.S. data transfers and impose on Meta a historic fine for an issue that has only arisen from a conflict of U.S. and EU law will create significant hardship for companies large and small who, like Meta, are conducting transfers today in good faith and pursuant to valid legal instruments.”