Facebook has threatened to cease operations across the European Union if a new ruling by Ireland's Data Protection Commission (DPC), regarding its data transfer mechanism, is not blocked.
In an affidavit submitted to the Ireland's High Court in Dublin on Monday, Yvonne Cunnane, Facebook Ireland's head of data protection and associate general counsel, said the DPC's order would force the company to stop providing its services in Europe, leaving nearly 410 million people unable to use the popular Facebook and Instagram social media platforms.
The order referred to is the preliminary ruling issued by the DPC last month, which asked Facebook to stop transferring European users' data to servers based in the USA. The Irish regulator said it was concerned that the privacy of European citizens might not be respected in the US, as the data transferred would be subject to the US surveillance regime.
In its ruling, the DPC told Facebook that it cannot use the Standard Contractual Clauses (SCCs) mechanism to transfer users' data between the EU and the US.
Facebook, which says it is unsure if it can continue to operate in Europe if the data protection ruling comes into effect, challenged the DPC's decision in the court.
"It is not clear to [Facebook] how, in those circumstances, it could continue to provide the Facebook and Instagram services in the EU," Cunnane argued in the affidavit, according to Reuters.
She also accused the DPC of singling out Facebook, saying no other company had received such directives.
"If [Facebook] alone is being investigated and subject to a suspension of data transfers to the US, this would be liable to create a serious distortion of competition."
Cunnane said the Irish regulator was not treating Facebook properly. She also raised concerns that the decision was made "solely" by Helen Dixon, the commissioner of Ireland's DPC.
The company has three weeks to respond to the new directive.
Facebook denied that its statement regarding stopping operations in the EU was an attempt to force the Irish regulator to change its order. The company also argued that a lack of legal and secure international data transfers would hamper the growth of data-driven businesses in Europe.
A judge has put a temporary stop on the regulator's order. The next hearing in the case will be held in November.
Schrems 'pretty much done with waiting' for a resolution to the Facebook privacy case after seven years and five court cases
We need a single digital identity to authenticate us at work, prove who we are to our energy company, and let us log in seamlessly to our favourite news site
The government skipped essential data privacy impact assessments in its rush to get the system up and running
Why companies don't need to turn to surveillance technologies to push for remote-working productivity
There are ways to promote collaboration without having to resort to micromanaging or using intrusive surveillance tools
Privacy activist Max Schrem's court victory creates an ideal opportunity for open source and open data approaches, says OpenUK's Amanda Brock