Meta Platforms Inc. has once again threatened to pull Facebook and Instagram from Europe if it is unable to keep transferring user data back to the U.S., amid negotiations between regulators to replace a scrapped privacy pact.
European Union regulators have for months been stuck in negotiations with the U.S. to replace a transatlantic data transfer pact that thousands of companies relied on, but which got struck down by the EU Court of Justice in 2020 over fears citizens’ data isn’t safe once shipped to the U.S.
In its annual report published Thursday, Meta said that if it couldn’t rely on new or existing agreements — such as so-called standard contractual clauses — to shift data, then it would “likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe.”
Meta has already warned in its previous annual report that if it is not allowed to use standard contractual clauses, it would be “unable to operate” parts of its business in Europe, without naming its two key social media platforms.
“We have absolutely no desire and no plans to withdraw from Europe, but the simple reality is that Meta, and many other businesses, organizations and services, rely on data transfers between the EU and the US in order to operate global services,” a Meta spokesman said in an emailed statement.
The latest comments highlight the increasing tension between the social media company and lawmakers over the ownership of user data. The stock suffered a 26% plunge Thursday over fears about Facebook’s outlook, which produced the biggest value wipeoutin stock market history. Meta shares were up about 1.6% in U.S. premarket trading Monday.
The European Commission said data transfer negotiations with Washington have intensified, but they “take time given also the complexity of the issues discussed and the need to strike a balance between privacy and national security,” a commission spokesperson wrote in a statement to Bloomberg on Monday.
“Only an arrangement that is fully compliant with the requirements set by the EU court can deliver the stability and legal certainty stakeholders expect on both sides of the Atlantic,” the spokesperson added.
Privacy campaigner Max Schrems has been long been challenging Facebook in the Irish courts — where the social media company has its European base — arguing that EU citizens’ data is at risk the moment it gets transferred to the U.S.
In 2020, Facebook sought a judicial review of the Irish Data Protection Commission’s preliminary decision that the company may have to halt trans-Atlantic data transfers using standard contractual clauses. An Irish court last year rejected the social network’s challenge, saying it didn’t establish “any basis” for calling into question the Irish watchdog’s findings.
Data protection authorities are increasingly scrutinizing these kinds of supplementary security measures that have allowed companies to send data back and forth in the absence of a new agreement, according to Patrick Van Eecke, a partner and head of cyber and data at law firm Cooley LLP.
“I am not surprised companies outside of Europe are reconsidering whether or not it makes sense to continue offering services to the European market as there are not many options left any longer,” said Van Eecke.
It is not the first time Facebook has threatened to withdraw its services. In 2020 it said it plans to block people and publishers in Australia from sharing news, in an attempt to push back against a proposed law forcing the company to pay media firms for their articles.
The company has also previously affirmed its commitment to Europe.
Nick Clegg, the company’s head of global affairs, said at an event in 2020: “Let me also be absolutely crystal clear. We have absolutely no desire, no wish, no plans to withdraw our services from Europe. Why would we?”