The Irish Data Protection Commission has opened an inquiry into Facebook’s handling of European user data, the platform confirmed Wednesday.
The regulator raised concerns that European user data – all of which goes through the company’s operations in Ireland – transferred to the U.S. may not be protected sufficiently from American surveillance.
The inquiry, first reported on by the Wall Street Journal, could compel Facebook to overhaul its operations to keep European data within the Union’s boundaries.
The investigation appears to be a direct result of a European Union high court decision earlier this summer that invalidated a data transfer deal between the EU and United States.
The agreement, known as the EU-US Privacy Shield, was set up in 2016 to create a framework that protected personal data when it was transferred to U.S. companies for commercial use and used by thousands of businesses.
The Court of Justice of the EU reached the ruling based on concerns that the U.S. could demand access to user data on national security grounds.
Facebook has been “setting out our position on how to secure the long-term stability of international data transfers,” Nick Clegg, Facebook’s vice president of global affairs, said Wednesday
“A lack of safe, secure and legal international data transfers would damage the economy and hamper the growth of data-driven businesses in the E.U., just as we seek a recovery from Covid-19,” he warned in a blog post.
“The impact would be felt by businesses large and small, across multiple sectors.”