Austrian privacy activist, Max Schrems will once again go up against Facebook in the European Court of Justice.

The outcome of the case could bring new strength to EU citizens’ data rights, and dictate the way companies around the world move private information around.

Central to the case is the way the social network and other companies use standard contractual clauses to transfer users’ personal and private data to the US and around the globe. At question is whether or not the methods used go contravene the EU’s General Data Protection Regulation, which has tough standards on protecting the personal data and privacy rights of EU citizens.

Banks, big tech firms and many other companies across all strata of industries rely heavily on cross-border data transfers, which can be worth billions of dollars.

Schrems’ struggle against Mark Zuckerberg’s firm dates back to 2011, when he requested his personal data from Facebook as part of college research. The Austrian law student was shocked by the results.

Facebook had a record of his entire user history, from pages he’d ‘liked’ to private messages he’d sent. Even personal communications regarding a friend’s health, which Schrems had deleted, were still held on the social network’s servers.

Schrems made 22 complaints to the Irish Data Protection Commission, in which he claimed that Facebook was breaking European data protection laws, in fundamental violation of user privacy.

A prolonged battle with Facebook took him all the way to the European Court of Justice, where in 2015, a landmark legal victory triggered an international crisis, and saw the end of Safe Harbour, a data-transfer interface used by thousands of organisations.

Today a lawyer, Schrems continues to fight for global privacy rights through his NGO, (None of Your Business), a privacy lobbying group dedicated to ensuring regulators enforce the laws that are there to protect us. The goal is to uphold data privacy which Schrems considers “the most unenforced right” in Europe.

Tanguy Van Overstraeten, global head of data protection at law firm, Linklaters, said:

“The whole data transfer system would be impacted and could impact the global economy. There are alternatives to the standard clauses, including the derogations set out in the GDPR such as consent, contractual necessity and others but they are strictly interpreted and difficult to apply in practice.”

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

GDPR Summit Series is a global series of GDPR events which will help marketers to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond. Further information and conference details are available at

comments powered by Disqus