ISFE, EGDF express concerns over CJEU ruling on EU to US data transfer
Both organizations call free data transfer"crucial" to the EU games industry
Both the Interactive Software Federation of Europe and the European Games Developer Federation have expressed concerns regarding a recent Court of Justice of the European Union decision impacting data transfer between the EU and the United States.
The ruling was made today in the case of the Data Protection Commissioner v Facebook Ireland and Maximillian Schrems, in which Schrems -- who resides in Austria -- issued a complaint that his personal data was being transferred by Facebook Ireland to Facebook servers in the United States, which he claimed did not offer sufficient protection against access by US public authorities.
The CJEU ruled that when personal data is transferred to a third country, it must receive a level of protection essentially equivalent to that guaranteed in the EU by GDPR, and that the EU-US Privacy Shield does not satisfy those requirements, as US surveillance programs are not limited to what is "strictly necessary," and thus the Privacy Shield has been rendered invalid.
However, both the ISFE and the EGDF are concerned that the invalidation of the Privacy Shield will jeopardize necessary elements of the EU games industry with regard to data transfer.
"A solution must be found," said ISFE CEO Simon Little. "The transfer of data between the EU and the US is crucial to the full functioning and continued growth of Europe's €21bn-strong video games industry.
"Our industry is fully committed to the security of player data and supports the European Commission's work to modernise European data protection rules and to improve the mechanisms for transferring data to third countries, but today's decision is a blow to the ability of European games companies to reach a global market."
EGDF COO Jari-Pekka Kaleva said, "The free flow of data between Europe and the US is crucial for game developer studios. This ruling by the CJEU has the potential to create a significant regulatory market access barrier for European SMEs operating in global digital markets and it will adversely impact anyone working in Europe's digital economy.
"Government officials and policy makers in Washington and in Brussels need to act quickly to build a new, more reliable framework for data transfers securing high standards on privacy and enabling the much-needed digital growth on both sides of the Atlantic."