The European Union's highest court ruled Tuesday in favor of an Austrian law student who claims a trans-Atlantic data protection agreement doesn't adequately protect consumers, a verdict that could have far-reaching implications for tech companies doing business in Europe.
Student Max Schrems launched the case following revelations two years ago by former U.S. National Security Agency contractor Edward Snowden about the NSA's surveillance programs.
Schrems complained to the data protection commissioner in Ireland, where Facebook has its European headquarters, that U.S. law doesn't offer sufficient protection against surveillance of data transferred by the social media company to servers in the United States.
Irish authorities initially rejected his complaint, pointing to a 2000 decision by the EU's executive Commission that, under the so-called "safe harbor" agreement, the U.S. ensures adequate data protection.
The agreement has allowed for the free transfer of information by companies from the EU to U.S. It has been seen as a boost to trade since, absent such a deal, swift and smooth data exchange over the Internet would be much more difficult.