Social media giant Meta issued a warning in its annual report last Thursday that it may shut down its Facebook and Instagram social networks in Europe if it can no longer transfer user data to the U.S., CNBC writes.

In July 2020, the European Court of Justice ruled that the standard for sharing user data between the EU and the US does not adequately protect the privacy of European citizens.

Now regulators in Europe are busy drafting a new law that will determine how EU citizens’ user data will be transferred across the Atlantic.

The owner of Facebook and Instagram stated, “If a new transatlantic data sharing framework is not adopted and we are unable to continue to rely on standard contractual clauses or other alternative means of transferring data from Europe to the United States, it is likely that we will no longer be able to offer a number of our most significant products and services, including Facebook and Instagram, in Europe, which would materially and adversely affect our business, financial condition and results of operations.”

According to MEP Axel Voss, “Meta cannot blackmail the EU into abandoning its data protection standards.”

A Meta spokesperson assured that the company also has no intention or plans to leave Europe, and has voiced the same concerns previously.

“But the reality is that Meta and many other businesses, organizations and services rely on data transfers between the EU and the US to run global services,” he said.

It is known that in August 2020, the Irish Data Protection Commission sent Facebook a preliminary injunction to stop transferring user data from the EU to the US. The Data Protection Commission suggested during its investigation that, in practice, standard contractual clauses could not be used to transfer data between the EU and the US.

While it remains to be seen in detail, this approach could nevertheless have far-reaching implications for all those companies that rely on standard contractual clauses and for the online services that many people and businesses work with.

The Irish Data Protection Commission is due to make a final ruling in the first half of 2022.

If standard contractual clauses cannot be used as a legal basis for data transfers, Facebook will have to isolate much of the data it collects from its European users. Facebook could also be fined up to 4% of its annual revenue or $2.8 billion if it fails to comply.

It all started when, in light of Edward Snowden’s revelations that U.S. law does not adequately protect citizens from surveillance by government agencies, and a number of U.S. agencies such as the National Security Agency could theoretically ask Internet companies such as Facebook and Google to hand over data on EU citizens without their knowledge, Austrian activist Max Schrems sued Facebook, which had been transferring his data to the U.S. The lawsuit was filed by a U.S. court of law.

The EU Court of Justice, in its ruling, restricted the ability of US companies to send European users’ data to the US after concluding that EU citizens had no effective way to prevent surveillance by the US government. The court’s decision invalidated an agreement between the EU and the US that allowed firms to send EU citizens’ data across the Atlantic. This left companies with only one option – to use standard contractual clauses to transfer data.