A €1.2 billion fine against Meta has been upheld by the Court of Justice of the EU. Kieran Allen explains how the Irish Data Protection Commissioner fought tooth and nail to stop this happening.
In recent months there have been a series of news reports indicating that the Irish Government is worried that TikTok is sending data to the Chinese Government. As a result, TikTok apps on official phones have been banned.
In lockstep with this campaign, queries have been sent to People Before Profit asking if the party is worried that Chinese authorities might be gathering information from the phones of our TDs.
People Before Profit have replied that we are no more worried about TikTok than we might be about Facebook or Google. The pointed questions and government bans were simply part of a campaign by the US to block off competition by Chinese companies. As People Before Profit does not support either Chinese capitalism or US capitalism, it saw no reason to engage in the silly campaign against TikTok.
But new revelations arising from a case taken against Meta, the parent company of Facebook, blow apart the sinister propaganda campaign. And it shows Irish state complicity in hiding the role US technology companies play in US intelligence gathering.
Behind the Meta breach: How US Intelligence Works with Tech Companies
The bare facts have been reported in many outlets. Namely, Meta has been hit with a fine of €1.2 billion by the Data Protection Commissioner and ordered to suspend the transfer of European user data to the US. But behind these simple facts lie a tale of cover-up and Irish complicity.
It all started back in 2013 when Edward Snowden revealed that the US was operating a programme to gain access to the data of social media users all over the world. Under the code name PRISM, US intelligence collects data from US technology companies such as Microsoft, Google, Facebook, Youtube and Apple. The data included audio and video chats, e-mails, photographs and documents.
Edward Snowden had previously worked for the CIA and at the time he made the revelations he was hired as a subcontractor with the National Security Agency which ran the PRISM programme. Disgusted at what he saw and at the double speak about Chinese surveillance, he revealed what the US was up to. The US Justice Department immediately charged Snowden with violating the Espionage Act of 2017 and he had to flee the country, eventually taking up residence in Russia.
On foot of Snowden’s revelation, Max Schrems, an Austrian law student, filed a complaint against Facebook with the Irish Data Commissioner because the company located its European headquarters here for tax purposes.
The Irish Data Commissioner rejected the complaint, saying that it was “frivolous and vexatious” and that there was no case to answer. Schrems, however, did not give up. Instead he took a judicial review to the High Court who in turn referred it to the Court of Justice of the European Union.
Irish Data Protection Commissioner Covering for Meta
The eventual upshot of this case was highly significant because it ruled that Snowden’s revelations showed that the existing ‘Safe Harbour’ agreement which governed the transfer of data of European citizens to the US offered inadequate protection. There were enough loopholes in this agreement to enable US intelligence to spy – so under the much vaunted EU privacy laws it was ruled invalid.
However, the Irish Data Protection Commissioner then took the view that it could not take action, given that Meta made use of so-called “Standard Contractual Clauses”. But this was again rejected by the Court of Justice of the European Union, who told the Irish Data Commissioner that it must take action.
Schrems continued his fight up to the recent decision. But yet again the Irish Data Protection Commissioner tried to protect Meta by claiming that even though it was in the wrong in transferring data to the US, a fine should not be imposed. The only reason why Meta got such a huge fine was that other data protection commissioners throughout Europe had seen through the Irish game and forced her to impose the fine.
Here is Max Schrems own judgement on what happened, ‘it took us ten years of litigation against the Irish DPC to get to this result. We had to bring three procedures against the DPC and risked millions of procedural costs. The Irish regulator has done everything to avoid this decision, but was consistently overturned by the European Courts and institutions. It is kind of absurd that the record fine will go to Ireland – the EU Member State that did everything to ensure that this fine is not issued.’
Next time you hear about ‘concerns over TikTok’, remember Max Schrems and his battle with Facebook and the Irish Data Commissioner.