Facebook has suggested to European regulators it will be unable to offer its services in the region if it's blocked from transferring data on local users to the U.S., Vice reports. That would mean losing more than 410 million users that support its advertising business, so it seems unlikely the company would actually follow through with such a threat.
Ireland's Data Protection Commission passed down an order last month ruling that Facebook must stop transferring data on European users to servers in the U.S. over concerns about government surveillance of users here. Edward Snowden in 2013 famously revealed that the NSA was collecting the contents of communications of foreigners through secret court orders under the broad discretion of national security law.
Because Facebook's European operations are based in Ireland, that country has authority over its business across the 27 member states of the EU. Yvonne Cunnane, Facebook Ireland’s head of data protection wrote in a sworn affidavit that if Irish authorities uphold the decision, "it is not clear to [Facebook] how, in those circumstances, it could continue to provide the Facebook and Instagram services in the EU.”
The irony — Ironically, Ireland's security concerns are the same reason why President Trump wants TikTok to store user data in the U.S. and separate from its Chinese owner (well, it may also be vindictive). Critics of the TikTok actions say that any privacy concerns would best be addressed through new national privacy legislation that applies to all tech companies operating in the U.S. and how they collect and manage user data.
U.S. legislators have been unwilling to advance new privacy protections where the EU has, so it's not surprising that Europeans want to protect themselves by keeping personal information stored locally. Facebook makes money through its global advertising network that allows brands to target European users from U.S. soil. Because of that model, much user data isn't encrypted end-to-end and Facebook can see it. And as the Cambridge Analytica scandal demonstrated, sometimes that data ends up being used for election manipulation.
America needs privacy laws — The European Communication and U.S. officials are currently negotiating how companies can send data on Europeans to the U.S. in compliance with EU requirements, but it's expected to take time. Technically speaking, EU privacy law states that it is illegal for a company to send information on EU residents to other parts of the world that don't offer equivalent privacy protections. A patchwork of temporary fixes have allowed such transfers to continue, but the ruling in Ireland determined that Europeans still don't have adequate protection from surveillance.
Blocking data transfers to the U.S. could make the cost of doing business in the EU much higher for American companies which would have to re-engineer services to silo off data collected from users there. Experts warned that the U.S. imposition to transfer TikTok could result in similar measures from other countries and hurt American businesses with global operations.
Facebook managed to delay the lawsuit with a ruling, which tells you it really doesn't actually want to shut down. But the fight is far from over.