A landmark case with regard to European data protection laws has come before the Irish courts with questions being raised over the validity of Standard Contractual Clauses (SCCs), which are routinely used to facilitate the transfer of personal data from Europe to rest of the world.
The case has stemmed from the invalidation by the Court of Justice of the European Union (CJEU) of the Safe Harbor Agreement in the Schrems case last year (read more here). This agreement had been in place between the European Union and the United States for 15 years before being struck down. Since the invalidation of Safe Harbor, companies have been relying almost exclusively on SCCs as a method of ensuring that any transfer of data to the US complies with EU privacy and data protection laws.
The Data Protection Commissioner has stated that claims that personal privacy rights of EU citizens are being breached are “well founded” and is seeking a referral to the CJEU, as a decision on the validity of the SCCs cannot be made by a national court. If the question is referred by the Commercial Court, the CJEU will be asked to make a decision on whether the transfer of data to the US could mean that it can be processed and assessed in a manner that is inconsistent with the Charter of Fundamental Rights of the EU.
Given the huge ramifications of the case, a large number of organisations had applied to intervene to join the case as amicus curiae. Of these four were successful: the United States Government which the CJEU felt had a “significant bona fide interest” in the outcome of the case; BSA