Facebook faced a setback in October when the Court of Justice of the European Union, in a complaint against the company, declared invalid a "safe harbor" agreement governing personal data transfers between the European Union and the U.S., as the data was not protected from spying by U.S. agencies.
Facebook claims the controls related to datr have been evaluated and validated many times by the Irish Data Protection Commissioner. The company has held that it has only one establishment in the EU in Ireland, and that Irish law is applicable to the processing of personal data of all European users, according to a recommendation in May by the Belgian Privacy Commission. The commission asserted jurisdiction, stating, among other reasons, that local processor Facebook Belgium was a permanent establishment in Belgian territory being run by Facebook in the U.S.
Sign up for CIO Asia eNewsletters.