Privacy Shield, the legal agreement allowing businesses to export Europeans' personal information to the U.S., is under fire.
An Irish privacy advocacy group has challenged the adoption of the decision in the EU's second-highest court, Reuters reported Thursday, citing sources familiar with the case.
Privacy Shield entered effect in July, replacing the Safe Harbor framework, which had itself fallen victim to a legal challenge in October 2015. The new agreement supports transatlantic commerce worth US$260 billion, U.S. Secretary of Commerce Penny Pritzker has said, and has consequences for many companies offering cloud services to consumers.
While Safe Harbor's demise was an unexpected legal consequence of a complaint to the Irish privacy regulator about Facebook's handling of one user's personal information, the challenge to Privacy Shield is more explicit: a direct attempt to overturn the decision implementing it.
Digital Rights Ireland filed an action on Sept. 16, seeking annulment of a European Commission decision in the area of freedom, security and justice, according to electronic records of the Court of Justice of the EU.
Further details of the action will not be made public until they are published in the EU's Official Journal, a move that is expected in the next few days.
Digital Rights Ireland declined to comment on its action. "Unfortunately we aren’t in a position to offer any statement at all on this at this stage," a spokesman said.
The organization has a history of challenging EU authorities on privacy matters, though, helping overturn the Commission's Data Retention Directive in 2014, and contributing to the case that ended Safe Harbor.
European Commission officials did not immediately respond to a request for comment.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.