Schrems II and Surveillance: Third Countries’ National Security Powers in the Purview of EU Law, European Law Blog external link

2020

Abstract

On 16 July 2020 the Court of Justice of the European Union (CJEU) composed as Grand Chamber delivered its landmark ruling Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (case C-311/18, “Schrems II”). The focus of my commentary will be on the aspect that EU law on cross-border transfers of personal data to a third country is not deferential to national security powers of that third country. This judgment is remarkable provided that electronic surveillance conducted by Member States’ intelligence authorities for the purpose of national security is off limits for EU law and that exceptions in international agreement are fairly regularly made for national security. This contribution will deal with the embedded assessment of a third country’s national security powers under the General Data Protection Regulation (Regulation (EU) 2016/679, GDPR) and will address the criticism that a third country is held to stricter standards than a Member State of the Union.

adequacy decision, C-311/18, Charter of Fundamental Rights, Facebook, frontpage, GDPR, General Data Protection Regulation, national security, Privacy Shield, Schrems II, Standard Contractual Clauses, Surveillance, united states

Bibtex

Online publication{Irion2020c, title = {Schrems II and Surveillance: Third Countries’ National Security Powers in the Purview of EU Law, European Law Blog}, author = {Irion, K.}, url = {https://europeanlawblog.eu/2020/07/24/schrems-ii-and-surveillance-third-countries-national-security-powers-in-the-purview-of-eu-law/}, year = {0724}, date = {2020-07-24}, abstract = {On 16 July 2020 the Court of Justice of the European Union (CJEU) composed as Grand Chamber delivered its landmark ruling Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (case C-311/18, “Schrems II”). The focus of my commentary will be on the aspect that EU law on cross-border transfers of personal data to a third country is not deferential to national security powers of that third country. This judgment is remarkable provided that electronic surveillance conducted by Member States’ intelligence authorities for the purpose of national security is off limits for EU law and that exceptions in international agreement are fairly regularly made for national security. This contribution will deal with the embedded assessment of a third country’s national security powers under the General Data Protection Regulation (Regulation (EU) 2016/679, GDPR) and will address the criticism that a third country is held to stricter standards than a Member State of the Union.}, keywords = {adequacy decision, C-311/18, Charter of Fundamental Rights, Facebook, frontpage, GDPR, General Data Protection Regulation, national security, Privacy Shield, Schrems II, Standard Contractual Clauses, Surveillance, united states}, }