It started with a poke. Max Schrems, a 27-year-old babyfaced Austrian lawyer, asked Facebook four years ago to hand over all the data it held on him, including records of whom he had “poked” – the digital equivalent of saying hello.
He wasn’t happy with the answer so he sued. The case is now before Europe’s highest court in what could ultimately rewrite the laws of privacy in Europe and force U.S. companies such as Facebook, Google and Microsoft to rethink their business models.
Today, 15 judges at the European Court of Justice in Luxembourg will discuss Mr. Schrems’ case regarding Safe Harbor, the legal agreement in effect since the late 1990s that has enabled the trans-Atlantic transfer of data on individuals between American and European companies, which is essential in almost any online business.
The case began in 2011, when Mr. Schrems complained to the Irish Data Protection Commission that Facebook was unlawfully keeping records of his activity on the social networking site in violation of European privacy law, without his permission.