West News Wire: In violation of European data protection laws, Meta, the parent company of Facebook, was fined a record-breaking €1.2 billion ($1.3 billion) on Monday by Ireland’s Data Protection Commission and subsequently instructed to stop transferring data obtained from Facebook users in Europe to the United States.
According to the body’s ruling, the corporation disregarded a ruling made in 2020 by the European Union’s top court that Facebook data moved from the EU to the US “was not sufficiently protected from American spy agencies.” This is according to the New York Times (NYT). Meta will soon start a protracted appeals procedure.
It should be noted that this EU decision is on top of an ongoing $725 million class-action lawsuit impacting hundreds of millions of users who were active in the United States from May 2007 to December 2022. Facebook stands accused of making users’ data available to third parties without their permission.
Austrian privacy activist Max Schrems, whose investigations launched previous cases against Meta, was reported by the NYT as saying that “Unless US surveillance laws get fixed, Meta will have to fundamentally restructure its systems.” According to Schrems, the solution will likely be a “federated social network” where most user data would stay in the EU except for “necessary” transfers, for example, when someone in the EU messages someone in the US.
Meta, on the other hand, claimed that it was unfairly singled out. Former UK deputy prime minister Sir Nicholas Clegg and Jennifer G. Newstead, the company’s chief legal officer, warned in a statement that if such decisions are implemented, “the internet risks being carved up into national and regional silos, restricting the global economy and leaving citizens in different countries unable to access many of the shared services we have come to rely on.”
But most individuals are curious as to whether these data transfers actually pose a security risk. Without a doubt, the answer is yes. The fourth amendment to the US Constitution, which is intended to prohibit unreasonable searches and seizures by the government has effectively been suspended.
In the landmark Carpenter v. United States case, the US Supreme Court held that the state needs to issue a search warrant to compel companies to hand over sensitive data, in this case, location data. But, this does not apply if the companies provide such data voluntarily – for example, by selling it through data brokers for a hefty fee. This means that government agencies can essentially write a massive check and purchase data on the free market, whether relevant to an ongoing case or not.
For its part, SCOTUS has not heard another case that alters this interpretation of Carpenter, and since legislation from Congress is so extraordinarily antiquated and far behind other blocs or countries, such as the EU or China, there are no laws on the books to keep the government from purchasing this data. This leads to a serious legal and ethical dilemma.
For one, the state does have a legitimate interest in collecting new data points for ongoing cases. Consider the latest data that indicates about half of US murder cases go unsolved. It is foreseeable that data from Big Tech companies could help crack these cases – and, indeed, I know this to be true because my own uncle was charged in a string of rapes in Kentucky and Ohio spanning back thirty years after DNA provided from a private ancestry firm used by my grandfather was picked up by law enforcement.
In this case, justice clearly prevailed. Without this evidence, which was obtained through a voluntary exchange between the state and a private firm, this monster would still be out menacing the community and destroying lives. This instance of data collection helped a just cause, and I am actually quite thankful.
However, it is also obvious that this might eventually result in sinister state activities. Furthermore, it makes no sense for the US government to claim this justification when gathering data on the world’s population given that those who commit such heinous crimes in the US are not those who reside outside. The existing quo obviously serves no purpose, even though the state may have some interest in particular data and new rules governing this are undoubtedly needed.
Given the ten years since the Edward Snowden leaks, we already know that US intelligence collects all sorts of bulk data about people all around the world. We know, according to The Guardian’s reporting, that the US has programs like PRISM, which allows for the direct monitoring of Americans’ Google and Yahoo accounts, or XKeyscore, which is an analytical tool that collects “almost anything done on the internet.” And the US is able to do this maintain its global information hegemony because companies are compelled to provide data via search warrants, and there are lucrative financial incentives to voluntarily turn over data to the state.
Perhaps this historic lawsuit against Meta will serve as a sort of wake-up call to people regarding US technology, letting them know that it is exceedingly risky and should not be trusted. While entirely ignoring the fact that the US government and its collaborators in the commercial sector are the main dangers to global cyber security, many nations around the world, notably those in Europe, are adopting cues from US intelligence to restrict Chinese or Russian technology.
