London financial newspaper CityAM explains that Meta had used the transatlantic data transfer framework called Privacy Shield as the legal basis to transfer data on European users from the continent onto US servers, but the treaty was annulled in 2020 over data privacy violations. Meta also uses other agreements to enable transatlantic transfers and to store European user data within the US, though these are also under scrutiny from regulators. In its annual report to the US securities and exchange commission, Meta wrote: “If we are unable to transfer data between and among countries and regions in which we operate, or if we are restricted from sharing data among our products and services, it could affect our ability to provide our services, the manner in which we provide our services or our ability to target ads.” Meta goes on to say that it is confident it will be able to reach agreements in 2022, but if it is no longer allowed to use current agreements or similar alternatives, it will “likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe.” Nick Clegg, Meta’s VP of Global Affairs and Communications, told CityAM that “a lack of safe, secure and legal international data transfers would damage the economy and hamper the growth of data-driven businesses in the EU, just as we seek a recovery from Covid-19.”
Given that Meta’s shares took a hammering last week after user numbers fell for the first time ever, wiping billions off its value, the chances of FB and Instagram really shutting down in Europe are slim to none—this feels more like an empty threat. Facebook alone has 309 million daily active users in Europe; Meta won’t want to lose all that potential revenue and spook investors even more. A Facebook spokesperson said that “We have absolutely no desire and no plans to withdraw from Europe, but the simple reality is that Meta, and many other businesses, organizations and services, rely on data transfers between the EU and the US in order to operate global services.” “Fundamentally, businesses need clear, global rules to protect transatlantic data flows over the long term, and like more than 70 other companies across a wide range of industries, we are closely monitoring the potential impact on our European operations as these developments progress.”