Facebook May Be Ordered to Change Data Practices in Europe

Facebook is facing the prospect of not being able to move data about its European users to the United States, after European regulators raised concerns that such transfers do not adequately protect the information from American government surveillance.

The social network said on Wednesday that the Irish Data Protection Commission had begun an inquiry into its movement of data on European users to the United States. The Irish regulator oversees Facebook’s data practices in Europe and can fine it up to 4 percent of its global revenue for breaking European data protection laws.

The Silicon Valley company may now have to overhaul its operations to keep data on Europeans stored within the European Union, an immensely complicated task given the way that Facebook moves data among data centers around the world.

The inquiry, earlier reported by The Wall Street Journal, is the first major fallout of a European Union high court decision in July that invalidated a key trans-Atlantic agreement called Privacy Shield. That agreement between the United States and European Union had allowed businesses to send data between the two regions, but the court struck it down, saying Europeans did not have sufficient protections from American spy agencies.