Mark Zuckerberg would no doubt love to receive good news. In any case, he would not be against the bad news stopping. If only for a week, especially as the stock price continues to feel the pain on Wall Street.
Meta Platforms (FB), formerly known as Facebook, on Tuesday lost almost 2%. Since January, nearly $310 billion in market capitalization has vanished.
And as if that weren't enough, Zuckerberg is no longer part of the Top 10 richest people on the planet. The CEO, who once aspired to run for President, is now ranked 13 in the Bloomberg Billionaires Index, with a personal fortune estimated at $78.2 billion.
His net wealth has shrunk by $47.3 billion in one year, according to this ranking, the last update of which dates back to Feb. 21. Zuckerberg's fortune is largely tied to his stake in Meta.
Things are not about to work out, and for good reason. Meta just received bad news from a European regulator concerning the transfer of the personal data of its users from the EU to the U.S.
Meta Has 28 Days to Respond
The Irish Data Protection Commission (IDPC), a regulator with cross-border jurisdiction under general data protection regulation privacy law for big tech platforms, sent its "revised draft decision" on the fate of the company users' data flows to the United States, Graham Doyle, head of communications, told TheStreet by phone. Meta has 28 days to submit its observations, Doyle added.
"We issued our decision to Meta yesterday. And we have given them 28 days to come back to us with any comments they have. And at that stage we will prepare our draft decision and send our draft decision to our colleague data protection authorities in the EU and I expect that to happen in April," Doyle said.
The stakes are high: if the Meta is prohibited from transferring information, its activities in Europe will be very strongly affected.
"We are also subject to evolving laws and regulations that dictate whether, how, and under what circumstances we can transfer, process and/or receive certain data that is critical to our operations, including data shared between countries or regions in which we operate and data shared among our products and services," Meta wrote in its annual report on Feb. 3.
"If we are unable to transfer data between and among countries and regions in which we operate, or if we are restricted from sharing data among our products and services, it could affect our ability to provide our services, the manner in which we provide our services or our ability to target ads, which could adversely affect our financial results," the company warned.
TheSTreet
Doyle refused to reveal the contents of the decision.
But according to a statement provided by Meta to TheStreet, it's likely that the EU regulator is ordering the company to suspend data transfers to the U.S.
"This is not a final decision and the IDPC have asked for further legal submissions," Jay Nancarrow, a spokesperson said in an email statement. "Suspending data transfers would be damaging not only to the millions of people, charities, and businesses in the EU who use our services, but also to thousands of other companies who rely on EU-US data transfers to provide a global service."
Final Decision in May?
"A long-term solution on EU-US data transfers is needed to keep people, businesses and economies connected,” Nancarrow added.
This statement by the company is in line with what it said in its annual report.
"The Privacy Shield, a transfer framework we relied upon for data transferred from the European Union to the United States, was invalidated in July 2020 by the Court of Justice of the European Union. In addition, the other bases upon which Meta relies to transfer such data, such as Standard Contractual Clauses, have been subjected to regulatory and judicial scrutiny," Meta said at the time.
"In August 2020, we received a preliminary draft decision from the Irish Data Protection Commission that preliminarily concluded that Meta Platforms Ireland's reliance on SCCs in respect of European user data does not achieve compliance with the General Data Protection Regulation and preliminarily proposed that such transfers of user data from the European Union to the United States should therefore be suspended."
Meta warned then that "If a new transatlantic data transfer framework is not adopted and we are unable to continue to rely on SCCs or rely upon other alternative means of data transfers from Europe to the United States, we will likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe, which would materially and adversely affect our business, financial condition, and results of operations."
It is unclear when the final decision in this matter will be known as there is a process involving back and forth first between IPDC and Meta and then between IPDC and regulators in other European countries.
"Depending on how quickly it moves, we could have a final decision by around the end of May," Doyle said.
Meta
This timeframe also seems to fit with the one identified by Meta at the beginning of February.
"We believe a final decision in this inquiry may issue as early as the first half of 2022," the company wrote.
This decision will affect many American companies, not just Meta.
Meta mainly blames the EU for the decision of the Court of Justice of the EU, the Schrems II judgment, to cancel the Privacy Shield agreement. The latter regulated the transfer of data from the EU to the U.S. According to the EU General Data Protection Regulation (GDPR), there can be no transfer of data to a country with a lower level of protection than that existing in Europe. Unless specific insurance is taken out by the company.
The Privacy Shield alleviated these obligations, which the CJEU found to be inconsistent with the GDPR. Meta, which stores, transfers and processes European data on servers in the United States, disagrees.
Until now, and pending the negotiation of a new agreement, Meta, Google (GOOGL) and other digital companies, have a temporary way out: the “standard contractual clauses”.
